The source code for Valve games Counter-Strike: Global Offensive and Team Fortress 2 has apparently leaked online. Users are worried that the leak gave hackers the ability to deliver malware to other players through Remote Code Execution.
Third-party Steam monitor Steam Database first reported the leak Wednesday morning, stating the source code, dated 2017 and 2018, was originally made available only to Source engine licencees.
Counter-Strike: Global Offensive and Team Fortress 2 Source Code Reportedly Leaked
Access to the source code for the two games provides hackers with unprecedented control, possibly opening new avenues for potential cyber attacks. Among those new tools is Remote Code Execution, which allows hackers access to another user's computer and make changes without normal authorities and regardless of where the target's computer is located. It is considered one of the most dangerous vulnerabilities in software, allowing attackers to run whatever software they like on affected machines.
No reports of RCE have yet been confirmed, and Valve has yet to address the reported vulnerabilities, but community members in both CS:GO and TF2 have advised one another to stay off both games until Valve confirms the issue resolved.
UPDATE 4/22 (5:50 p.m. ET): Valve issued a response on the Counter-Strike: Global Offensive Twitter account.
"We have reviewed the leaked code and believe it to be a reposting of a limited CS:GO engine code depot released to partners in late 2017, and originally leaked in 2018. From this review, we have not found any reason for players to be alarmed or avoid the current builds."