Skip to main content
  1. Home
  2. Gaming
  3. Computing
  4. News

Valve patches ‘Team Fortress 2’ bug that could install a trojan when you died

Add as a preferred source on Google

Dying in a first-person shooter is not usually as big a deal as in other genres, but in one case researchers found it could be very detrimental to your PC. Valve has now fixed a bug brought to its attention, which in Team Fortress 2 and various other Source titles, allowed hackers to remotely install trojans and other malware upon a player’s death.

Described by researchers as a “buffer overflow vulnerability,” the exploit was one that had to be loaded onto a victim’s machine through a custom map file. There, the researchers were able to install a custom ragdoll model file, which would, in turn, be loaded up when a player died. But instead of displaying a realistic or comical figure during death, that file executed malicious code.

Recommended Videos

Discovered by One Up Security, the bug has now been patched by Valve for all affected Source games, including Counterstrike: Global Offensive, TF2, Half-Life 2 Death Match, Portal 2, and Left 4 Dead 2. However, they do suggest that Source mod makers update their mods with the patch linked. One Up Security also provides guidelines and advice for mod makers to help them avoid the potential problems caused by this sort of exploit.

However, users can also take steps to protect themselves from exploits through games. For starters, One Security’s Justin Taft suggests that games should not be installed on work machines. He suggests that gameplay should be maintained on an entirely separate network to business-related functions.

He highlights in his discussion of the bug that this unlikely to be common place, as games are quite a common sight in break rooms and on the home computers of employees — but recommends as much separation as possible to avoid this kind of exploit from affecting corporate interests.

For average gamers who want to add some extra security to their own setup to avoid any potential future exploits that leverage Valve’s popular Source titles, he recommends disabling third-party content with a specific console command. That will leave you unable to enjoy some of the wider variety of custom maps and mods out there, but if security is more important to you than gameplay, it may be worth considering.

Jon Martindale
Jon Martindale covers how to guides, best-of lists, and explainers to help everyone understand the hottest new hardware and…
Here’s every game you can download on Xbox next week
Palworld's 1.0 launch leads a 24-game lineup that also includes Assassin's Creed Black Flag Resynced.
Assassin's Creed Black Flag Recynced image

Xbox has shared its rundown of next week's releases, and the list includes 24 new games arriving between July 6 and July 10. The lineup is headlined by two major AAA titles, three notable additions to Game Pass, and a long list of smaller indie games.

Two AAA pre-orders lead the week

Read more
Sony may have been digging the grave of physical PlayStation games for years.
Sony’s Austria disc plant shift suggests physical PlayStation games were already on the way out
The Playstation 5 system standing upright.

Sony recently announced that physical game discs for new PlayStation releases will end in January 2028, and the timing immediately raised questions.

The decision came shortly after Rockstar reportedly generated more than $3 billion in revenue from preorders of GTA 6, including digital editions and code-in-a-box physical copies. That led some critics and fans to wonder whether GTA 6’s massive digital success had pushed Sony into making such a major call.

Read more
Sony is helping bury physical games, and preservation is being left to clean up the mess
A reported 2028 cutoff for PS5 discs gives the industry a deadline it still doesn’t seem ready to handle.
A PS5 sitting on its side with two Dualsense controllers next to it on the right.

Sony’s reported plan to stop producing PS5 discs in 2028 would push PlayStation deeper into a digital-first future, where access depends on licenses, storefront policy, and platform support lasting longer than companies usually promise.

That’s tidy for Sony and ugly for game preservation. Physical media was never a perfect archive, but removing it before a serious replacement exists turns the survival of old games into someone else’s emergency. It also raises questions about long-term ownership, resale rights, and whether players can truly rely on purchases to remain accessible decades later.

Read more