Happy new year, everybody! May this year be awesome!
Anyway, I have some sort of important news. Recently, I got word that WiX Toolset has a security vulnerability, where a malicious program could hijack the installer’s DLL files by simply putting its own DLLs in the bootstrap’s temp folder (possibly affecting the game as well). Since the bootstrapper needs to elevate privileges (asking you permission to install the game, so to speak), it can infect your system. Thankfully, there are very little libraries that could allow malware to infect the system without you being aware of it. In any case, if you are using the standalone version, update as soon as possible (assuming you are using the two older versions, which use WiX Toolset). This updated version was repackaged with version 3.11.1 of the toolset, which fixes that vulnerability (along with an updated version of xeam Visual Installer, which fixes two bugs). Due to security concerns, I cannot provide a patcher for this, so you’ll need to download the installer and run it to patch the game. I’ve included an updated version of the Northbridge Platform as well, which comes with updated libraries (just to cover my bases). Those who have the Gamejolt Client version isn’t affected by the flaw but you’ll get the updated DLL files, anyway.
Details of the vulnerability: https://www.firegiant.com/blog/2016/1/20/wix-v3.10.2-released/
In regards to the 3.11.1 version (used to package the standalone version of the game): https://www.firegiant.com/blog/2017/12/31/wix-v3.10.4-and-wix-v3.11.1-released/
0 comments