PvP is down in Dark Souls 1, 2, and 3 on PC following a high-stakes exploit

destructoid.com:

Over the weekend, Bandai Namco notified the Dark Souls community that PvP — a huge time sink for some fans, and an element to avoid at all costs for others — is currently offline in the series’ games on PC. And there’s a good reason: an exploit was found.

After the discovery of an RCE vulnerability within Dark Souls 3 that could be used to run malicious code, and an effort from players to get the powers that be to act swiftly and accordingly, the developers have made the call to pull the PvP servers for Dark Souls: Prepare to Die Edition, Dark Souls: Remastered, Dark Souls 2, and Dark Souls 3 on PC.

Officially, these player-versus-player servers are “temporarily deactivated” on PC — but not on Xbox or PlayStation — “to allow the team to investigate recent reports of an issue with online services,” according to a tweet from the series’ Twitter account.

The whole situation could’ve been significantly worse given the possibilities of remote code execution attacks. In this particular case, the creators of Blue Sentinel — a tool for Dark Souls 3 that “aims to identify cheaters and mitigate the impact they have on your online play” — were involved in spreading the word to Bandai Namco and From Software.

“Only about four people currently know how to do this [RCE exploit],” according to a post on the Blue Sentinel subreddit. “Two who worked on it, and the two Blue Sentinel developers. It has not been leaked to our knowledge. It was showcased by one of the people on streamers in more harmless capacities.”

If you’re curious about that last line, here’s an archived Twitch stream of Dark Souls 3 from The__Grim__Sleeper (via The Verge) with a demonstration of the PvP exploit.

We’ll have to hope for a timely fix on this one — Dark