According to Dexerto. a dangerous remote code execution (RCE) vulnerability detected in Dark Souls 3 could allow a bad actor to take control of your computer. The vulnerability puts only online PC gamers at risk and could potentially affect Dark Souls, Dark Souls 2 and the upcoming Elden Ring. The servers of various Dark Souls games were shut down in response.
This exploit was seen in action during The__Grim__Sleeper’s Dark Souls 3 online Twitch stream. At the end of the show (1:20:22) The__Grim__Sleeper’s game crashes, and the robotic voice of Microsoft’s text-to-speech generator suddenly begins to criticize his game. The__Grim__Sleeper then reports that Microsoft PowerShell is self-opening; this indicates that the hacker is using the program to activate the text-to-speech function.
However, it was probably not a malicious hacker – a screenshot of the SpeedSouls Conflict could reveal the real intentions of the “hacker”. According to the article, the hacker became aware of the loophole and tried to contact the developer Dark Souls FromSoftware. It is said that it was ignored, so publishers began to use hacks to draw attention to the problem.
But if the bad actor discovered this problem for the first time, the result could have been worse. As RCE Kaspersky noted, it is one of the most dangerous vulnerabilities. It allows hackers to run malicious code on their victims’ computers, causing irreparable damage and stealing potentially sensitive information.
Blue Sentinel, a community-created anti-fraud mod for Dark Souls 3, has since been patched to protect against RCE vulnerabilities. In a post on R / darksouls3, the user explains that (hopefully) only four people know how to hack RCE – two are Blue Sentinel developers, and the other two are probably “working on it”. referring to the people who helped solve the problem.
Bandai Namco, a spokesman for the Dark Souls publisher, commented on the Reddit post: “Thank you so much for pinging. The report on this issue was submitted to the relevant internal teams earlier today, and the information is now highly appreciated!” The Verge contacted Bandai Namco with a request for comment, but did not respond immediately.
Thankfully, FromSoftware and Bandai Namco solve the problem. Early Sunday morning, the Dark Souls Twitter account announced that PvP servers for Dark Souls: Remastered, Dark Souls 2 and Dark Souls 3 had been temporarily shut down “to allow the team to investigate recent reports of problems with online services.” He added that the Dark Souls: Ready to Die Edition servers will also be shut down soon. It only affects PC gamers – if you’re playing on a PlayStation or Xbox, you can still play online. There is no information on when the servers will be backed up