Rockstar has released a patch for GTA Online that—hopefully—will fix the nasty security vulnerability discovered in January that enabled unscrupulous jerks to steal other players' in-game money, reset their account progress, and even "corrupt" their accounts in a way that effectively leaves them banned from online play.
That's all bad enough in itself, but was potentially only the tip of the iceberg. Speyedr, the creator of the unofficial Guardian firewall mod for GTA5 that aims to protect players from hackers, predicted that the vulnerability could eventually enable remote code execution, enabling hackers to run malware on any PC playing the game.
Rockstar acknowledged the problem shortly after it was reported, saying it aimed to take care of it in a "security-related title update."
- GTA 5 publisher takes legal aim at account-selling site for allegedly raking in 'millions in revenue', while recruiting hackers to keep its cogs turning
- Grand Theft Auto 5 Enhanced launch is going poorly or well depending on how you look at it: It's got a 'mixed' rating on Steam and is one of the most-played games
That update is now live, and while the patch notes don't go into great detail, it's clearly aimed at addressing the exploit.
A new security-focused Title Update is now available for Grand Theft Auto Online on PC: https://t.co/ZaE68kJnDMFebruary 1, 2023
The patch notes, courtesy of Rockstar Support:
Security
- Implemented a new data protocol in GTA Online to improve the security of network sessions and player-to-player messaging
- Fixed an issue that could result in a player’s GTA Online experience being modified by a third party, including:
- Altering GTA$ balance, RP level, Bad Sport status, and other player stats
- Manipulation of players being kicked or crashed
Game Stability and Performance
- General stability improvements
Does it work? The general consensus seems to be, "Hopefully." Players on the GTA Online subreddit are wading in and so far there aren't any reports of unexpected catastrophe. Rockstar reporter Tez2, who made the initial report on the vulnerability, had a "good news, bad news" reaction to the patch notes.
"In terms of remote exploits, it should be safe now," he said on Twitter when asked if the patch fixed the problem. "In terms of regular cheating, nope. You would still face them in public lobbies, but at least no cheaters should annoy you in invite-only lobbies."
Unfortunately, the changes mean potential headaches for Guardian users, as Speyedr warned that the fix means current and older versions of his mod will now only work with the "solo session" mode. A fix for that should be coming soon, though.
"R* don't usually mess with netcode, but this time it makes sense," Speyedr tweeted. "Will investigate this ASAP and try to get the heuristics working again, if all goes well then I'll just include it with 3.1.0b6."
We'll keep an eye on the subreddit to see how the patch shakes out. I've also reached out to Rockstar for more information on the patch, and will update if I receive a reply.
