CD Projekt Red trudges along on its road to redemption with Cyberpunk 2077. Today marks the release of the latest update which is meant to address some of the issues hidden deeper in the game’s code than most players will ever directly notice. That certainly doesn’t detract from the significance of the update though. Hotfix 1.12 patches two important security vulnerability issues in Cyberpunk 2077. That means you’ll be the only one doing the hacking from here on out. You shouldn’t have to worry about getting hacked IRL.
The hotfix mentions two particular issues that have been resolved. Together, CD Projekt Red claims the issues presented a serious security vulnerability that could be used as part of remote code execution. Furthermore, the issue extended to save files as well. The developer notes that Cyberpunk 2077 hotfix 1.12 fixes this vulnerability by correcting a buffer overrun issue in addition to removing/replacing non-ASLR DLLs. If that means nothing to you, you’re not alone.
Summoning the computer geniuses
We decided to hit up some cybersecurity resources to get a better idea of what was going on. According to Imperva, A buffer overflow occurs when data volumes exceed memory buffer capacity. As a result, the program attempting to write the data to the buffer overwrites adjacent memory locations. If the transaction overwrites critical code, it can cause unexpected behavior. This could relate to incorrect results, memory access errors, or crashes. It can also be exploited to damage code and expose private information.
Hotfix 1.12 is now available on PC!
This update addresses the vulnerability that could be used as part of remote code execution (including save files):
– Fixed a buffer overrun issue.
– Removed/replaced non-ASLR DLLs. pic.twitter.com/LAkBfVpnXf— Cyberpunk 2077 (@CyberpunkGame) February 5, 2021
As for the ASLR DLLs, they sound equally complicated. You can read more into it here if you want to be big brain. In short, it works in a way that is similar to buffer overrun “when a program mistakenly writes attacker-controlled data outside of an intended memory region.” They’re entirely different in practice, but you get the idea. Systems get confused and put stuff in the wrong place which exposes data or leads to hacker intrusions.
Obviously you don’t want any of this bad business going on, so get Cyberpunk 2077 hotfix 1.12. It’s not as sexy as the new KFC dating sim, but it’s one of the most worthwhile 14 MB updates you can do.
