this post was submitted on 04 Oct 2025

137 points (100.0% liked)

Games

42679 readers

975 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Rules

1. Submissions have to be related to games

Video games, tabletop, or otherwise. Posts not related to games will be deleted.

This community is focused on games, of all kinds. Any news item or discussion should be related to gaming in some way.

2. No bigotry or harassment, be civil

No bigotry, hardline stance. Try not to get too heated when entering into a discussion or debate.

We are here to talk and discuss about one of our passions, not fight or be exposed to hate. Posts or responses that are hateful will be deleted to keep the atmosphere good. If repeatedly violated, not only will the comment be deleted but a ban will be handed out as well. We judge each case individually.

3. No excessive self-promotion

Try to keep it to 10% self-promotion / 90% other stuff in your post history.

This is to prevent people from posting for the sole purpose of promoting their own website or social media account.

4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

This community is mostly for discussion and news. Remember to search for the thing you're submitting before posting to see if it's already been posted.

We want to keep the quality of posts high. Therefore, memes, funny videos, low-effort posts and reposts are not allowed. We prohibit giveaways because we cannot be sure that the person holding the giveaway will actually do what they promise.

5. Mark Spoilers and NSFW

Make sure to mark your stuff or it may be removed.

No one wants to be spoiled. Therefore, always mark spoilers. Similarly mark NSFW, in case anyone is browsing in a public space or at work.

6. No linking to piracy

Don't share it here, there are other places to find it. Discussion of piracy is fine.

We don't want us moderators or the admins of lemmy.world to get in trouble for linking to piracy. Therefore, any link to piracy will be removed. Discussion of it is of course allowed.

Authorized Regular Threads

Related communities

PM a mod to add your own

Video games

Generic

!gaming@Lemmy.world: Our sister community, focused on PC and console gaming. Meme are allowed.
!photomode@feddit.uk: For all your screenshots needs, to share your love for games graphics.
!vgmusic@lemmy.world: A community to share your love for video games music

Help and suggestions

By platform

By type

By games

Language specific

!JeuxVideo@jlai.lu: French

founded 2 years ago

MODERATORS

Dremor@lemmy.world

JonsJava@lemmy.world

fxomt@lemmy.dbzer0.com

Dremor@jlai.lu

modfxomt@lemmy.world

PerfectDark@lemmy.world

137

Obsidian Temporarily Removes Games From Sale Due to Unity Exploit (insider-gaming.com)

submitted 2 days ago by simple@piefed.social to c/games@lemmy.world

15 comments fedilink hide all child comments

The games that have been temporarily taken down are:

Grounded 2 Founders Edition
Grounded 2 Founders Pack
Avowed Premium Edition
Avowed Premium Edition Upgrade
Pillars of Eternity: Hero Edition
Pillars of Eternity: Definitive Edition
Pillars of Eternity II: Deadfire
Pillars of Eternity II: Deadfire Ultimate
Pentiment

you are viewing a single comment's thread
view the rest of the comments

[–] Quetzalcutlass@lemmy.world 61 points 2 days ago* (last edited 2 days ago) (2 children)

This feels unnecessary and overblown. From what I've heard, the exploit in question requires a local file and only operates at the privilege level of the game itself, so you're unlikely to encounter it unless you're adding files to your game install.

So you're vulnerable if you install malicious mods, in other words. Which, consisting Unity mods are done via DLL injection, is already the case even without this exploit.

[–] krooklochurm@lemmy.ca 22 points 2 days ago (1 children)

How many unity games have kernel level anti cheat as a requirement and can this exploit leverage that?

[–] sp3ctr4l@lemmy.dbzer0.com 11 points 2 days ago

Oh probably at least some of them, though shouldn't be a problem, after all, the ~~rootkit~~ kernel level anti cheat is within the game directory and its standard privelege/permission model, and is only there for your safety.

=D =D =D

[–] DScratch@sh.itjust.works 24 points 2 days ago (1 children)

Yeah, but if they didn’t do anything then they’d get roasted and maybe sued for negligence.

[–] sp3ctr4l@lemmy.dbzer0.com 12 points 2 days ago* (last edited 2 days ago) (1 children)

Exactly.

Unity literally issued a statement that every game that is affected by this should be patched with the fix ASAP... and this is people doing that.

Not like anyone ever runs a game with admin priveleges or anything, right?

Not like malware from some other source often exploits weird little shit like this that just nobody ever noticed before and thats why that malware stays hidden, right?

https://unity.com/security/sept-2025-01

"No evidence of exploitation" is not the same thing as "we are 100% sure no one has ever been harmed by/via this".

https://cwe.mitre.org/data/definitions/426.html

Description

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

Extended Description

This might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the product uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted product would then execute. The problem extends to any type of critical resource that the product trusts.

Some of the most common variants of untrusted search path are:

In various UNIX and Linux-based systems, the PATH environment variable may be consulted to locate executable programs, and LD_PRELOAD may be used to locate a separate library.

In various Microsoft-based systems, the PATH environment variable is consulted to locate a DLL, if the DLL is not found in other paths that appear earlier in the search order.

Yeah sounds fairly serious to me, its an 8.4 out of 10 on the severity scale for a reason.

[–] ILikeBoobies@lemmy.ca 1 points 2 days ago* (last edited 2 days ago) (2 children)

Not like anyone ever runs a game with admin priveleges or anything, right?

I would hope no one runs userspace software with elevated privileges.

[–] Venator@lemmy.nz 5 points 1 day ago* (last edited 1 day ago)

on windows its pretty much required by most software every time it does an update...

on linux people login as root all the time because they're too lazy to sudo... or because they messed up file permissions somewhere once...

[–] sp3ctr4l@lemmy.dbzer0.com 9 points 2 days ago

... Have you ever met a computer user?