White hat hackers from the Dark Souls 3 community have found a major security exploit within the game. The remote code execution vulnerability allows hackers to execute code on another player’s PC while in an online game. Servers for all Dark Souls games have been temporarily taken offline in response to the news.
The exploit reportedly allows hackers to execute any code on a victim’s computer. Additionally, the hack is reportedly “easier to execute” than past exploits. The person who discovered the vulnerability is a member of a group of white hat hackers, who discover security vulnerabilities for the purpose of fixing them. The silver lining is that only four people are aware of the exploit: the two white hat hackers who found it, and the developers of the Blue Sentinel anti-cheat tool. The developers have since updated the Blue Sentinel mod to patch the vulnerability.
Furthermore, the persons involved have reported the Dark Souls 3 exploit to developers at From Software. As From Software games can share net code, some believe the vulnerability could affect other games. These include the first Dark Souls and possibly the upcoming Elden Ring. The development team has deactivated player-versus-player servers for the franchise.
PvP servers for Dark Souls 3, Dark Souls 2, and Dark Souls: Remastered have been temporarily deactivated to allow the team to investigate recent reports of an issue with online services.
Servers for Dark Souls: PtDE will join them shortly.
We apologize for this inconvenience.
— Dark Souls (@DarkSoulsGame) January 23, 2022
Dark Souls 3 is immediately available to play on PC, PlayStation 4, and Xbox One. From Software’s next title Elden Ring will release on February 25, 2022, for the PS4, PS5, Xbox One, Xbox Series X, and PC.