All PC versions of the Dark Souls games will remain offline for the foreseeable future, according to a new tweet from series publisher Bandai Namco, in order to fix at least one major security vulnerability. Further, the developers are working to ensure that the same serious vulnerability does not persist in FromSoftwareâs upcoming game Elden Ring, due out on February 25.
While that may sound like bad news, some players are actually pleased that FromSoftware and Bandai Namco are finally taking time to fix at least some of their gamesâ most dangerous exploits.
The publisher took all its Souls-series PC game servers offline on January 23 âto allow the team to investigate recent reports of an issue with online services.â This was an oblique way of referring to the numerous security vulnerabilities a number of technically gifted players had been trying to get the developers to acknowledge and fix, some for years. (Note: It appears that the lionâs share of the current exploits only affect PC players. Servers for all console versions of the games remain up.)
#DarkSouls pic.twitter.com/ZRhX9OcvQe
— Dark Souls (@DarkSoulsGame) February 9, 2022
The most serious reported security vulnerabilities, referred to as remote code execution (RCE) exploits, could allow hackers to take full control of playersâ PCs. The story finally broke out into the open about two weeks ago when a person with knowledge of the most recently discovered RCE exploit, frustrated over Bandai Namcoâs reticence to fix the issue, demonstrated the exploit live on an unwitting Twitch streamerâs broadcast.
Read More: Dark Souls Servers Down Due To Exploit That Could Give Someone Control Of Your PC
In new reporting from Video Games Chronicle, one member of the Dark Souls community asserts that there are over 100 cheats and security vulnerabilities in Dark Souls III that affect PC players, and the source states that the presence of these serious problems in Elden Ring is âinevitableâ due to the Souls seriesâ shared network infrastructure.
âWhile itâs not much, I have modded a few other games with an online component and nothing came close to how âbrokenâ Souls networking is,â the player who found the most recent RCE exploit told VGC
Back in December of last year, that player, who wishes to remain anonymous, reached out to Bandai Namco to alert it of the severe risk posed by the new RCE exploit, going so far as to provide two PDFs demonstrating the RCE and suggesting how to fix it. According to VGC, a representative from the Bandai Namco support team acknowledged receipt of the emails, saying the information was âsent to the dedicated teams so they can investigate and take the necessary measures.â
But after over a month without further action, the player decided to take matters into their own hands with that livestream stunt, with an eye toward bringing public attention to the severe flaw and hopefully lighting a bonfire under Bandai Namcoâs ass.
âIt really seems like the online is âpastedâ over a single-player game and no thoughts are given about security,â the exploit-finder told VGC. âItâs staggering how many game structs are memory-mapped into network packets and sent to other players, then used by the receiving playerâs game directly. There are almost no data sanity checks.â
That doesnât bode well for PC Elden Ring being safe to play online, does it? So you can see why some players are relieved that FromSoftware and Bandai Namco are finally taking action on an unspecified number of the reported issues.
Kotaku reached out to the publisher for comment.
Elden Ring comes out on February 25 for Xbox One, Xbox Series X/S, PlayStation 4, PlayStation 5, and PC.
