Cyberpunk 2077 hotfix addresses critical security bug

Mods and custom save files could allow remote code execution on your PC


Of all the Cyberpunk 2077 glitches – and boy, there have been a lot of them – the most distressing has certainly been an issue which would allow mods and custom save files to run remote code on your PC. Developer CD Projekt Red warned users of the mod exploit earlier this week, and a new hotfix is here to close that hole.

“This update addresses the vulnerability that could be used as part of remote code execution (including save files),” the studio says on Twitter. The devs have “fixed a buffer overrun issue” and “removed/replaced non-ASLR DLLs”, if you want the technical version. If you’re keen to get into some Cyberpunk 2077 mods, you’ll want this patch ASAP.

CD Projekt Red was initially made aware of the issue thanks to a group of community members, who warned that the game’s DLL files could be used for remote code execution. Essentially, it meant that if you downloaded a mod or a save file from somebody with nefarious intent, it opened your PC to exploits and hacks over the internet.

The devs have not indicated that any mod or save file out there has actually made use of this exploit – only that it was possible until today’s update.

There are some other cyberpunk games out there for you to enjoy if you’re waiting for some of the more substantial bug fixes and patches still to come.