Vulnerability Reported in Dark Souls 3

According to Dexerto, a dangerous remote code execution (RCE) vulnerability found in Dark Souls 3 could allow a malicious actor to take control of your computer. This risk, which only applies to online players, could potentially affect Dark Souls, Dark Souls 2 and the upcoming Elden Ring as well.

According to a post on R/darksouls3 on Reddit, only 4 people currently know how the RCE hack works. Two of these four are the developers of Blue Sentinel, a community-created anti-cheat mod for Dark Souls 3; The other two are reported to be people who helped uncover the incident.

Hacker hacked publishers to draw attention to vulnerability

This vulnerability was first discovered while The__Grim__Sleeper was streaming online on Twitch. The__Grim__Sleeper, whose game crashed at the end of the broadcast; He was surprised when the robotic voice of Microsoft’s text-to-speech generator suddenly began to criticize his gameplay. Later, when Microsoft Powershell opened on its own, it was discovered that a hacker had used the program to run a script that triggered the text-to-speech feature.

However, this was probably not a malicious hacker. According to a screenshot from SpeedSouls’ Discord, the “hacker” was aware of the vulnerability and tried to contact Dark Souls developer FromSoftware about the issue. However, due to these efforts being ignored, the hacker later started using the method of hacking publishers to draw attention to this problem.

On the other hand, if a malicious actor had discovered this problem first, the result could have been much more severe. As Kaspersky stated, one of the most dangerous security vulnerabilities is RCE; It allows hackers to run malicious code on their victims’ computers, causing irreparable damage and stealing potentially sensitive information.

For now, the most logical thing to do for your and your computer’s safety is to stay away from Dark Souls for a while until an official fix is ​​released.