JEMC said:
Unity has found a security vulnerability that has sat dormant for almost a decade: 'Take immediate action to protect your games & apps' https://www.pcgamer.com/hardware/unity-has-found-a-security-vulnerability-that-has-sat-dormant-for-almost-a-decade-take-immediate-action-to-protect-your-games-and-apps/
Any games or applications using Unity will need to be patched, the game engine company says, following the discovery of a new vulnerability.
Unity is urging users to update their software as a new security vulnerability has been spotted in Unity versions 2017.1 and later. It's present across versions for Android, Windows, Linux, and macOS operating systems.
Discovered back on June 4 this year, and patched on October 2, this vulnerability meant that users were "susceptible to an unsafe file loading and local file inclusion attack depending on the operating system." This means someone could enable local code execution or grab information at "the privilege level of the vulnerable application".
It was given a high severity score by Unity and a CVSS score of 8.4. With 10 being the most severe, this vulnerability is quite significant. Unity does clarify that "there is no evidence of any exploitation of the vulnerability nor has there been any impact on users or customers." |
Related to this some games have been purchased disabled presumably while they patch the issue.
A few games that have disabled from purchase:
- Wasteland Remastered
- Wasteland 3
- Pillars of Eternity
- The Bard's Tale Trilogy
- Pentiment
- Fallout Shelter
Other games were patched immediately, from my news feed I see Monster Sanctuary and Overcooked 2.
