Earlier this week, we heard about a rather nasty vulnerability in the PC version of Cyberpunk 2077. The vulnerability, as CD Projekt Red described it, involved external DLL files and could have potentially allowed for remote code execution through untrustworthy mods or even custom saves. CD Projekt Red told players to steer clear of untrusted mods and custom saves until it was able to get a fix out the door, which is happening today.
Hotfix 1.12, which is now rolling out on PC, “addresses the vulnerability that could be used as part of remote code execution (including save files),” according to the studio. The update fixes a buffer overrun issue and removes and replaces non-ASLR DLLs.
It should be relatively safe for you to use Cyberpunk 2077 mods again. Although there’s always a chance that mods include risky executable files, if you want give the grimy Night City a cel-shaded, comic book-style aesthetic, it’s probably okay for you to have at it.
As those modders create their add-ons for Cyberpunk 2077, CD Projekt Red has also committed to working on fixing the game itself. The company has already released one of two major patches it promised for early 2021, and we’re expecting the second one to follow this month. After that, we’ve got a series of updates and improvements to look forward to as we move through the rest of the year, so we’ll give you more details about all of that as CD Projekt Red shares them.