Unity Technology has deployed a fix for a vulnerability that allowed third-party code to run in Android-based mobile games, which some experts warned last week could be a risk to crypto users.
Unity said on Friday that the security patches were rolled to fix a vulnerability in its gaming engine that was discovered in June.
The director of community of Unity Technologies, Larry “Major Nelson” Hryb, posted a security update advisory explaining that the vulnerability could allow local code execution and “access to confidential information on end-user devices running Unity-built applications.”
He added that there was no evidence of any exploitation of the vulnerability, “nor has there been any impact on users or customers.”
Cointelegraph was one of the first media outlets to report the security vulnerability on Friday.
Sources told Cointelegraph the bug affects projects dating back to 2017, targeting the Android mobile platform and also impacting games running on Windows, macOS, and Linux.
“Unity is making a patch available to app developers to fix this issue, and developers should update their apps immediately,” a Google spokesperson told Cointelegraph at the time.
Unity asks devs to download the patched editor
Unity advised developers to download the patched Unity Editor update before their next build and rebuild any released games with the patched editor and republish them so that users can update.
Related: Unity Android flaw could drain gamers’ crypto wallets: How to protect yourself
Mobile gamers were advised to keep devices updated, enable automatic updates, and maintain current antivirus software.
GMO Flatt Security researcher RyotaK, who wrote about the vulnerability, stated that it enabled malicious applications installed on the same device to hijack permissions granted to Unity applications, which could be exploited remotely to execute arbitrary code.
Microsoft patches games made with Unity
Microsoft also released a security alert on Friday stating that Windows game development teams were working to update any game or application that is potentially affected by the vulnerability, and that console games were not affected.
Windows Defender has also been updated to provide protection, and anti-malware systems in Android have been enhanced, according to Neowin.
Meanwhile, game developers such as Obsidian Entertainment temporarily removed multiple games from all digital storefronts while implementing the fix, according to GameRant.
Unity is an industry-leading platform of tools for creators to build and grow real-time games and apps across multiple platforms. It powers more than 70% of the top thousand mobile games.
Magazine: Pudgy Penguins’ ‘masterpiece’ Pudgy Party tops 500K downloads: Web3 Gamer