Any games or applications using Unity will need to be patched, the game engine company says, following the discovery of a new vulnerability.
Unity is urging users to update their software as a new security vulnerability has been spotted in Unity versions 2017.1 and later. It's present across versions for Android, Windows, Linux, and macOS operating systems.
Unity Version 2017.1, as the name implies, launched all the way back in 2017, so this exploit has been there for eight years now.
If you have developed a game or app using version 2017.1 onwards, Unity 'strongly' recommends you "recompile and republish your application." If your app is on Android, its built-in malware scanning and security features will pick up on affected software, and Windows' Microsoft Defender has also been updated to "detect and block the vulnerability." Valve is also adding additional protections against the vulnerability.
If you would prefer not to rebuild projects, that patches applications on Android, Windows, and macOS. However, this tool does not work on builds with tamper-proofing or anti-cheat measures, and it doesn't work with Linux either.
Linux still has a high severity on , but Unity clarifies, "Due to the lower risk profile, Unity has not released a Linux version of the Unity Application Patcher. If desired, particularly in environments with strict access control policies, rebuild your Linux application with a patched Unity Editor to remove the vulnerable code paths."
Unity also clarifies "the fix is unlikely to break most games", which sounds less reassuring than might have been intended.
Developers using Unity are being encouraged to inform users to keep devices and applications up to date, as those working off old versions could be vulnerable. It's just good form to make sure software is up-to-date, but it will be particularly important for Unity software going forward.
1. Best gaming laptop:
2. Best gaming PC:
3. Best handheld gaming PC:
4. Best mini PC:
5. Best VR headset:
👉👈