Rockstar Games has finally released a patch for a dangerous RCE vulnerability in GTA Online that allowed loss of game progress, theft of game money, a ban and other unpleasant consequences. The bug also threatened remote arbitrary code execution on any PC running the game.
You might also be interested in reading about 5 Dangers of Cracked Games.
The RCE bug in GTA Online became known back in January. Then the Rockstar Games support forums were inundated with numerous user complaints about problems with accounts.
Worse, experts warned that the vulnerability had already received a CVE identifier (CVE-2023-24059) and could result in more than just gaming problems: since the error allowed remote arbitrary code execution, it could lead not only to hacking GTA Online accounts, but also any computer running the game.
As a result, all Windows users were urged to stay away from GTA Online until the error was fixed.
The researchers wrote that all this chaos was provoked by the North GTA Online cheat developer, who added new “features” related to this vulnerability to his product. He later rolled back the changes and acknowledged that it was a mistake to make public features related to removing money from players and damaging accounts.
Rockstar Games developer has finally released a patch for a dangerous issue this week. Although the description of the patch contains almost no details, the fix is clearly directed against an existing exploit. So, the patch notes say that developers:
- Implemented a new data transfer protocol in GTA Online to improve the security of network sessions and messaging between players;
- fixed an issue where a player’s experience in GTA Online could be modified by a third party, including: changing GTA$ balance, RP level, Bad Sport status and other player characteristics, as well as player manipulation resulting in kicks and crashes.
Does the new patch work? So far, most experts answer this question briefly: “I hope.” For example, the Rockstar Games Twitter account Tez2 says that the fix should work effectively against RCE exploits, but will not affect cheaters in public lobbies.
In addition, the fix created a lot of problems for Speyedr, the developer of the well-known custom firewall for GTA V called Guardian. He said that current and older versions of the Guardian can now only work in single session mode, and promised to fix this in the coming days.
We remind you of the banality that exploiting vulnerabilities in games is a crime with mandatory retribution. For example, the media wrote that Alleged Uber and Rockstar Hacker Arrested in the UK.