what? why?

Okay so this is an INSANE bit of fearmongering on OP's part.

Basically, an exploit has existed in Unity for almost a decade, issue is this exploit could only be used if your PC already has malware on it, so it physically couldn't do anything, or even be activated unless your PC was already ♥♥♥♥♥♥.

Since this has been discovered, Steam has already patched itself against this issue, and games that use older instances of unity are getting updates to the latest and more secure versions.

Couldn't care less when "high probability" was meant for people without common sense.

Curious. I'm rather sceptic though.

Would it technically affect (if it would indeed affect 'em) content CREATORS or content USERS, or BOTH?

I just got an update for an installed game (Dredge) correcting this issue.

Its being addressed.

I don't believe it
Proofs or it did not happen

Originally posted by Princess Luna:

I don't believe it
Proofs or it did not happen

https://unity.com/security/sept-2025-01

Originally posted by Volfogg:

Curious. I'm rather sceptic though.

Would it technically affect (if it would indeed affect 'em) content CREATORS or content USERS, or BOTH?

Both, although users are affected only if they're careless in protecting their PCs or during an online match (RCE).

Are there protections in place for games on Steam?
-
We have spoken with Valve and they will issue additional protections for the Steam client. For Windows, Microsoft Defender has been updated and will detect and block the vulnerability.

It looks like I received an update for Steam for this today.

Edit: A new Steam client has been released and will be automatically downloaded.


General

Added mitigations for Unity CVE-2025-59489, blocking a game launch through the Steam Client when an exploit attempt is detected.

Not sure but may be safer to launch game from the store page (staem Client ) and not the desktop Icon ?
I usually do that anyway.

Windows defender has also been updated

Steam/Valve sent out a update to block them now if found with exploit, so that is good:

https://gtm.steamproxy.vip/app/593110/eventcomments/594035856760751306?ctp=3

Now it might not seem like much, but once I look at the list of more popular games that use some variant of Unity engine, it's actually longer than I expected.

Welp...
"Better safe than sorry", I guess...

Unity 2019 - released 6 years ado - SUDDENLY have issues
No way this is Unity plan to force users to updaes and get more bugs OR force them to get Unity 2027 to get new subscription

Please tell us more

Originally posted by Wolfie von Spookydot:

Basically, an exploit has existed in Unity for almost a decade, issue is this exploit could only be used if your PC already has malware on it, so it physically couldn't do anything, or even be activated unless your PC was already ♥♥♥♥♥♥.

If Unity did not patch this exploit for 10 years - you need more proofs thet are sheet company?

Originally posted by Princess Luna:

Originally posted by Wolfie von Spookydot:

Basically, an exploit has existed in Unity for almost a decade, issue is this exploit could only be used if your PC already has malware on it, so it physically couldn't do anything, or even be activated unless your PC was already ♥♥♥♥♥♥.

If Unity did not patch this exploit for 10 years - you need more proofs thet are sheet company?

What's made more funny is that Unity themselves didn't even find it, it was a third party that did.

Originally posted by sigmagamer:

what? why?

https://youtu.be/Miz_yjEHGr4

There is no evidence that the exploit was ever used in the wild before being patched.