Unity has a security vulnerability seemingly requiring an update

bluewolf
bluewolf Posts: 6,508 Chairperson of the Boards
edited 5 October 2025, 00:55 in MPQ General Discussion

https://www.pcgamer.com/hardware/unity-has-found-a-security-vulnerability-that-has-sat-dormant-for-almost-a-decade-take-immediate-action-to-protect-your-games-and-apps/

From appearances the devs need to patch in the update from Unity and then push a new revision of some sort.

Marvel Snap has already done this.

EDIT: the vulnerability will basically not impact MPQ players at all unless you have a personal website and post it in your ingame chat. For some reason. Not saying the patch shouldn’t happen with the next update, but people shouldn’t worry that someone’s going to get to their App Store account and credit card from MPQ or anything like that.

Comments

  • DAZ0273
    DAZ0273 Posts: 11,717 Chairperson of the Boards

    This needs comment from the Devs. Like Monday.

  • entrailbucket
    entrailbucket Posts: 7,309 Chairperson of the Boards

    This happens. I was able to find 5 or 6 Unity vulnerabilities at this level over the years, which makes sense -- it's so widely used that of course bad guys would target it as an attack vector.

    What's funny is that the old engine was likely riddled with flaws like this. It's just that nobody ever found them because bad guys wouldn't bother to target an app with so few users.

  • KGB
    KGB Posts: 3,863 Chairperson of the Boards

    Since its in PC game I would not be surprised if its a Windows only issue.

    KGB

  • Chrynos1989
    Chrynos1989 Posts: 534 Critical Contributor
    edited 4 October 2025, 17:27

    Seems not to be a big problem, the only thing these guys could steal would be my time and my diggnity, no wait MPQ already did that, nothing to gain from me

  • bluewolf
    bluewolf Posts: 6,508 Chairperson of the Boards

    @KGB said:
    Since its in PC game I would not be surprised if its a Windows only issue.

    KGB

    The article specifically calls out all platforms. Well, definitely Android.

    Not sure how much iOS players will be impacted if it requires a second app to access the back door, and they’re a bit more locked down as to what is allowed on the store.