Image: CD PROJEKT RED

Earlier this week, Cyberpunk 2077 players were cautioned about using custom mods and saves on the PC version of the sci-RPG due to a newly discovered vulnerability affecting certain external DLL files that could allow malicious actors to execute unwanted code on PCs. The developer has addressed that issue today with its latest hotfix, version 1.12, which fixes a buffer overrun issue and removes/replaces non-ASLR DLLs.

“Hotfix 1.12 is now available on PC,” CD PROJEKT RED’s patch notes read. “This update addresses the vulnerability that could be used as part of remote code execution (including save files).”

  • Fixed a buffer overrun issue.
  • Removed/replaced non-ASLR DLLs.

“If you plan to use @CyberpunkGame mods/custom saves on PC, use caution,” the developer warned after its initial discovery. “We’ve been made aware of a vulnerability in external DLL files the game uses which can be used to execute code on PCs. Issue will be fixed ASAP. For now, please refrain from using files from unknown sources.”

Don’t Miss Out on More FPS Review Content!

Our weekly newsletter includes a recap of our reviews and a run down of the most popular tech news that we published.

Join the Conversation

1 Comment

  1. Curious, this was two days after CDPR blamed modders and the creator of CyberEngineTweaks publicly laid out exactly what was wrong and whos fault it really was. (Hint: It wasn’t the modders fault.)

Leave a comment