Valve has confirmed a major source code leak earlier this week involving two of its most popular competitive multiplayer games, Counter-Strike: Global Offensive and Team Fortress 2. Players of the games have been concerned that the code leak for the popular and active games would allow hackers to find ways to develop remote code execution attacks or other exploits for the games.
Valve has issued a statement that says players shouldn't be concerned about Counter-Strike: Global Offensive, but hasn't said anything about Team Fortress 2. Valve's statement said it had reviewed the leaked code and believed that it was a reposting of a limited CS:GO engine code depot that was provided to partners and subsequently leaked in 2018. Valve says its review found no reason for players to be alarmed or avoid the current builds.
However, since there was no direct mention of Team Fortress 2 in Valve's comments, players and communities focusing on the game are rightfully concerned. Two very popular community-run server hubs --Redsun.tf and Creators.tf -- have announced that they will temporarily shut down operations due to uncertainty surrounding security of their infrastructure. The two server hubs also say that there is uncertainty around the potential for damage to player computers due to the source code leak.
A Redsun moderator says that it is waiting for Valve to give them the ok before they resume operations. Reports indicate that the Valve Source Engine base has various branches, and while this one is a CS:GO code depot, it does include references to Team Fortress 2. The code reportedly dates back to a 2011 build of Team Fortress 2. It's unclear if that code could lead to exploits in the current build of the game.
In other valve news, the company admitted that modders of Half-Life: Alyx VR would bypass the VR headset requirement for the game to allow players lacking a headset to play. And it didn't take long for them to prove Valve right.