33 with 0 posters participating
Share this story
Researchers have unearthed four game modes that could successfully exploit a critical vulnerability that remained unpatched in the popular Dota 2 video game for 15 months after a fix had become available.
A hacker took advantage of the delay by publishing a custom game mode last March that exploited the vulnerability, researchers from security firm Avast said. That same month, the same hacker published three additional game modes that very likely also exploited the vulnerability. Besides patching the vulnerability last month, Valve also removed all four modes.
Custom modes are extensions or even completely new games that run on top of Dota 2. They allow people with even basic programming experience to implement their ideas for a game and then submit them to Valve. The game maker then puts the submissions through a verification process and, if they’re approved, publishes them.
The first game mode published by Valve appears to be a proof-of-concept project for exploiting the vulnerability. It was titled “test