A new Cyberpunk 2077 hotfix is here, and it's meant to fix some serious security issues with mod support.
Cyberpunk 2077 hotfix 1.12 rolled out on PC today, and developer CD Projekt Red says it "addresses the vulnerability that could be used as part of remote code execution". Previously, oversights in the game's backend security could be exploited to gain more access to your PC than Cyberpunk 2077 should have, opening the door for bad actors to take control.
Hotfix 1.12 is now available on PC!— Cyberpunk 2077 (@CyberpunkGame) February 5, 2021
This update addresses the vulnerability that could be used as part of remote code execution (including save files):
- Fixed a buffer overrun issue.
- Removed/replaced non-ASLR DLLs. pic.twitter.com/LAkBfVpnXf
If you kept your game purely vanilla, you didn't have anything to worry about from this particular issue - the same is true if you only ever got mods from fully trustworthy sources. But it was still a potential security issue given the way mods are circulated online by largely anonymous users.
A hot new game leaving a backdoor open to hackers that can then exploit it to gain control of players' rigs is an extremely cyberpunk problem to have. However, this is the kind of genre authenticity that CD Projekt Red would probably rather avoid - especially since it only added official mod support two weeks ago.
The Cyberpunk 2077 patch notes for version 1.1 went live on January 22, and according to the roadmap CD Projekt Red shared in January, update 1.2 will arrive "in the following weeks". It's set to be even bigger than the first, though the company hasn't shared any more specifics on contents yet. The update for full new-gen console support is still slated for the back half of 2021.
Related Forum: PC Gaming Forum