CD Projekt RED doesn’t recommend using mods until they fix the security flaw that popped up recently…

Cyberpunk 2077‘s situation continues to bring up certain moments over time, ever since its launch on December 10 on PlayStation 4, Xbox One, PC, and Google Stadia. (The next-gen consoles also run the game via backwards compatibility – the next-gen patch won’t come until the second half of the year.) A recently discovered vulnerability in a DLL file could be used to execute code on PCs and PlayStation 4s while running the game.

The issue showed up on Reddit by the Red Tools mod team. „Through the use of a mod or a crafted save game, malicious codes can be executed to take control of the PC by the creator of the save game/mod,” they wrote, but since then, it was confirmed that the PlayStation 4 is also vulnerable. CD Projekt RED was informed of the vulnerability issue last week, but they haven’t officially responded until now.

„If you plan to use Cyberpunk 2077 mods/custom saves on PC, use caution. We’ve been made aware of a vulnerability in external DLL files the game uses which can be used to execute code on PCs. [The] issue will be fixed ASAP. For now, please refrain from using files from unknown sources,” CD Projekt RED wrote on Twitter. They also stated to Eurogamer: „A group of community members reached out to us to bring up an issue with the external DLL files the game uses. This issue can be potentially used as part of remote code execution on PCs. We appreciate their input and are working on fixing this as soon as possible. In the meantime, we advise everyone to refrain from using files obtained from unknown sources. Anyone who plans to use mods or custom saves for Cyberpunk 2077 should use caution until we release the aforementioned fix.” They didn’t mention the PlayStation 4 either time.

If they are serious about this ASAP comment, then by the weekend, the security flaw should be gone with the help of a hotfix. But when will Cyberpunk 2077’s run of bad news end?

Source: PCGamer