• CS1.6 servers used zero-days to infect users with malware
    19 replies, posted
https://www.zdnet.com/article/malicious-counter-strike-1-6-servers-used-zero-days-to-infect-users-with-malware/ https://files.facepunch.com/forum/upload/441/f1e9b8f0-7000-4927-8ce1-a9f3a7a86969/image.png
Don't connect to Russian servers
banana.wad is a good example of this happening.
Would you look at that, valve has done gasp fuck all about the remote execution exploits that were mentioned years ago by a user here.
Is this the same exploit that was mentioned years ago here on Facepunch?
This was reported back in December: https://github.com/ValveSoftware/halflife/issues/2063 Took them 4 months to get it fixed.
And of course they're Russian servers. I just don't trust anything Russian or Chinese on the Internet at this point, not even fucking game servers.
Do you actually expect them to still be releasing security updates for a game that's old enough to vote?
Valve stated that they will fix critical issues like this.
yes ofc if u sell software u should at least patch rces in it lmao gotta have bad brains to think otherwise tbh
Considering CS1.6 still has 4-5 figures playing at any given time, yes. Yes I do.
I'm pretty sure this affects nearly all source based games.
So game that's still played by many and sold in steam store should have unfixed security issues ?
Considering it still has an active player base, yes I mean hell, Bungie patched Halo CE when gamespy shutdown and by that point 343 had already taken over making Halo
Back when I was playing it in high school, everyone just downloaded it from a freeware site; I was 100% convinced it was abandonware at this point.
The latest beta branch of CS1.6 fixes this exploit.
How many of those are real people though? I've never been able to find real players on the vanilla maps.
Probably. Valve doesn't give a shit about fixing broken shit. Are they still selling the product?
That's a sentence I didn't think I'd hear
Sorry, you need to Log In to post a reply to this thread.