Gmod Exploit Fix Released

An exploit was released last night that took advantage of the Source Engine’s file sending mechanism which made it possible to send files with any extension to the client or server. This exploit is likely still active in all other Source Engine games so I’m not going to go into specific details about it.

Needless to say that this was exploited in Garry’s Mod on Windows to send dlls to clients and servers. As far as I am aware the exploit wasn’t used to do anything malicious beyond propagating itself, spamming chat and changing server names. But to be safe I would recommend that you consider deleting your Garry’s Mod install and starting fresh. It might be a good idea to do an online virus scan too.

The patch I released this morning attempts to clean up any mess left behind by these exploits and patches the variety of methods which they used. If anyone has further information about the exploits, or any exploits left un-patched please email me personally at [email protected].

Continue reading...