Dark Souls servers taken down following discovery of critical vulnerability
Bandai Namco, publisher of the Dark Souls role-playing game series, has taken down its player-versus-player servers while it investigates reports of a serious vulnerability that allows players to execute malicious code on the PCs of fellow players.
Word of the critical remote-code-execution flaw emerged over the weekend in Reddit threads here and here. An exploit that hit a user named The_Grim_Sleeper was captured in a video stream posted over the weekend. Starting around 1:20:22, the user’s game crashed, and a robotic voice mocked his gameplay and maturity level.
“What the fuck,” The_Grim_Sleeper said in response. “My game just crashed, and immediately Powershell opened up and started narrating a fucking” screed. “I didn’t even know that shit was possible.”