Now the sourcecode is released, crackers found a leak in the code that allows them to take control of one's PC, via buffer overflow during a Boundary Error when the engine is processor the remapShader command.
It only works when you join their multiplayer server though.
So if you play singleplayer, or play on official servers, you don't have anything to worry about.
But players of Quake 3 or Return to Castle Wolfenstein and the like, you're warned. :)

Well, at least id Software releases their sourcecodes... other games probably have leaks too. Even more maybe, but they're unknown because the sorucecode isn't released.

Link?

And how do people find these errors?

The link is in Dutch, but here is their source:

http://www.milw0rm.com/exploits/1750

The link is in Dutch, but here is their source:

http://www.milw0rm.com/exploits/1750

As far as I know Quake 3 and Wolf don't use pixel shaders since they have compatibility with voodoo cards... since any voodoo doesn't have any pixel shaders then function "remapShader" won't be in the real quake 3 code, it would be in Quake 4 though..lol maybe also in Doom 3

My question is how much control does the person gain by doing this. if you logged into a non privileged account ( a user account) can this expolte be used to gain higher permission rights?

later games, such as CoD use pixel shaders, and it runs on the Quake3 engine.

...CoD is Quake3 engine?

Yup, CoD runs on the Quake 3 engine. Impressive eh? :)

My question is how much control does the person gain by doing this. if you logged into a non privileged account ( a user account) can this expolte be used to gain higher permission rights?

No idea, all I know is that it allows the cracker to run random commands. Typical buffer overflow stuff :)

@laffer

Very. I though CoD ran off its own engine :p

Definitely not :)

As far as I know Quake 3 and Wolf don't use pixel shaders since they have compatibility with voodoo cards... since any voodoo doesn't have any pixel shaders then function "remapShader" won't be in the real quake 3 code, it would be in Quake 4 though..lol maybe also in Doom 3

They aren't the same kind of shaders. They aren't pixel shaders...Quake 3's materials are referred to as shaders.

Read id Software's shader manual for more info (http://www.heppler.com/shader/shader/index.html)

wow....

then there will most definatly come a counter messure if this get out in the open..

So now I have to worry about playing Quake 3 on my Xbox? :D

IIRC, Crackers are the good guys.

So now I have to worry about playing Quake 3 on my Xbox? :D
Did they ever finish that port?

Maybe he "ported" it himself.

They released patches for RTCW, Q3 and ET.

http://www.idsoftware.com/

^clicky for us lazy people out there.
Quake III Arena 1.32c Patch for the win. Think I'll reinstall it just to patch :p

IIRC, Crackers are the good guys.
You do not recall correctly.