No, Elden Ring (Probably) Isn't Vulnerable To The Same Old RCE Bugs

hero eldenring
Gamers likely recall back in January when a serious remote code execution (RCE) security exploit was revealed in the game Dark Souls III. This bug allowed malicious players to run arbitrary code on other players in the same session, which is particularly galling considering the way Dark Souls allows players to "invade" other players' worlds; it's not enough to simply play exclusively with friends.

The thing is, that bug was revealed in such a way—used against a high-profile Twitch streamer—because the person who found the bug had submitted a report to Bandai-Namco and gotten no real response aside from an acknowledgement that the Japanese company had received the report. It was actually the second RCE found in Dark Souls III, and came on the heels of more than one-hundred known exploits that were unsolved in the game.

The cheating situation in the Dark Souls series was so severe that players of Dark Souls III created their own anti-cheat system, known as Blue Sentinel. It's named after a faction in the game that allows valorous players to rush to the assistance of other adventurers that come under the assault of an invader.

J.T. deleted his original tweet supposedly showing the bug, and put up this non-apology.

Today, Twitter user J.T. (@notasnervous) tweeted a short video that seemed to show the same RCE exploit used against him in Elden Ring. He's since deleted the tweet, but in the meantime, the internet lit up—what a story, right? From Software lazily slaps Easy Anti-Cheat on its blockbuster game and calls the problem solved. Many other sites that shall remain unnamed have reported the story exactly this way, but it turns out it's not so simple.

Scrolling his feed makes it clear that J.T. is a little bit of a cad, and also not a cybersecurity researcher. However, the creator of Blue Sentinel, known as Luke Yui (@luke_yui on Twitter), IS a cybersecurity researcher, and Luke says that he finds J.T.'s claim "unverifiable." As you can see below, Luke says that From Software did "an excellent job" and that the company "fixed all of the RCEs both myself and others found in Dark Souls."

lukeyui tweet

It's certainly possible that there are still RCE bugs in Elden Ring. Speaking to VGC back in February (before the game's release), Luke said that he wouldn't be playing Elden Ring "until a Blue Sentinel equivalent is available." He commented that he had seen code from the pre-release network test, and that there were "a lot of crashes and vulnerabilities in Elden Ring's netcode," including "the exact same ones as in Dark Souls III."

However, until we have reliable confirmation of the fact, there's no reason to live in fear. Well actually, there's plenty of reasons to be afraid in The Lands Between, but other players hacking your PC isn't one of them—for now, anyway.