Tweet
A very dangerous new exploit has been discovered for those playing Dark Souls 3 and could also impact Elden Ring. This is a remote code execution (RCE) vulnerability that could allow for people to run code on your machine without permission. This is a very serious exploit that could, if used in the wild, grant attackers full access to your computer.
If you are connected to the online services while playing Dark Souls 3, this could potentially be used against you. Furthermore, it has been stated by those close to the source that this same exploit vector is currently possible in Elden Ring given how similar their underlying multiplayer systems are. That is unless FromSoftware patches this before release.
A proof of concept for this RCE vulnerability was used in the past day against Twitch streamer The__Grim__Sleeper. You can see what happened to him starting around the 1 hour, 20 minute mark from his recent stream.
In the video, you can see that the attacker forced The__Grim__Sleeper's game to crash. The attacker then brought up a PowerShell window and enabled text to speech to read out a message to the streamer that can be heard in the video. This was one of the more harmless uses of the vulnerability.
The exploit is allegedly not out in the wild just yet. What happened here is that the person who discovered this exploit told FromSoftware about it "months ago," but no action was taken by the developers to fix it. As such, the creator apparently decided to target some streamers in the past day in order to bring some attention to the issue. There are supposedly only about four people that know how to carry out this attack.
Of course, now that people know that such a vulnerability exists, there's no stopping other hackers from trying to discover the exploit for themselves and cause some very serious damage.
As of right now, the only way to ensure that you avoid becoming a victim is to play Dark Souls 3 in offline mode. It cannot be stated enough that RCE exploits are very dangerous if they aren't patched.
The community manager for Elden Ring, Izmar, has been made aware of this RCE vulnerability and has passed along the information to "relevant people."
There have been several threads about this issue created on r/DarkSouls3 and r/EldenRing on Reddit. Other threads have also started to pop up on non-game specific subreddits. If nothing else, the person that discovered this exploit, and carried out the attack on The__Grim__Sleeper, certainly got their wish fulfilled of attention being brought to the issue.
Update at 4:52PM (ET) on January 22, 2022: The Blue Sentinel mod for Dark Souls 3 has just been updated to version 1.30. This update is said to protect against this RCE vulnerability. I cannot personally vouch for this mod or its effectiveness, but if you insist on playing online, it would be wise to update to the latest Blue Sentinel release.
Update 2 at 5:44PM (ET) on January 22, 2022: It is now being said that this vulnerability may also exist in Dark Souls and Dark Souls 2, in addition to Dark Souls 3 and Elden Ring. At present, there is no mod like Blue Sentinel for Dark Souls or Dark Souls 2 that could mitigate this vulnerability.
