Valve has finally fixed a security vulnerability in Counter-Strike: Global Offensive that could be used by hackers to gain remote control of a player's PC – an issue the company had reportedly known about for two years by the time its existence was publicised last week.
News of the exploit was circulated in a tweet by not-for-profit reverse-engineering group The Secret Club. It explained one of its members, Florian, had contacted Valve two years prior to report a remote code execution flaw which made it possible for a hacker to take over a target's PC by tricking them into accepting a Counter-Strike: Global Offensive Steam invite.
Although the exploit – one of several vulnerabilities reported to Valve by Secret Club members – had the potential to affect any game utilising Source Engine, The Secret Club stressed only CS:GO was still verifiably at risk. "We cannot say for sure if and when things have been patched in other games throughout the time without us being notified about it," it wrote.
