Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
Unity users and creators have been unknowingly sitting atop a security vulnerability for almost a decade.
According to a report from PC Gamer, the company has recently found a security flaw that should be immediately addressed to protect games and applications.
Unity vulnerability — what we know
Although the company has assigned the vulnerability a high severity score, with a CVSS score of 8.4, Unity has also stated that there is no evidence of exploitation or any impact on users or customers.
However, it might still be worth investigating one of the best identity theft solutions, just in case.
The company still advises users and creators to download the patched versions of Unity Hub or the Unity Download Archive, as the vulnerability affects versions 2017.1 and later, meaning it will be present across Android, Windows, Linux and macOS operating systems.
The vulnerability was discovered on June 4th, and patched on October 2nd, but as it affects version 2017.1 it has existed for eight years. It causes users to be “susceptible to an unsafe file loading and local file inclusion attack depending on the operating system.” This essentially means that a hacker or threat actor could enable local code execution to grab information at a privilege level of a vulnerable application.
Android apps can rely on the built-in malware scanning and security features to pick up any affected software. Microsoft Defender has received an update that can detect and block this vulnerability.
Valve has said it is adding additional protections against the vulnerability as well. Those who do not wish to rebuild projects can look for Unity’s published tool that will patch applications on Android, Windows and macOS though it does not work on Linux or on builds that contain tamper-proofing or anti-cheat measures.
More from Tom's Guide
- Mandatory age verification is now going live in Ohio — here's what it means for users
- Lost or stolen phone? 7 essential steps to protect Your data
- Neon app that sold recorded phone calls for AI training is now offline after a security flaw exposed all of its users' data
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
