The recently leaked source code for two of Valve’s biggest games should not result in compromised security for those games.
Earlier today, source code for both Counter-Strike: Global Offensive, and Team Fortress 2 got leaked. According to Steam Database, the code dates back to 2017-2018, having been made available to Source engine licensees.
It’s not clear how the source code was leaked, however. As you might imagine, having access to game source code could allow hackers to target specific vulnerabilities with their cheats, or create the even more worrying remote code execution.
In response, Valve said that the code is old and does not currently pose a security risk. According to the developer, the leak mainly features CS:GO engine code, with some Team Fortress 2 code.
“We have reviewed the leaked code and believe it to be a reposting of a limited CS:GO engine code depot released to partners in late 2017, and originally leaked in 2018,” Valve wrote.
Source code for both CS:GO and TF2 dated 2017/2018 that was made available to Source engine licencees was leaked to the public today. pic.twitter.com/qWEQGbq9Y6
— Steam Database (@SteamDB) April 22, 2020
“From this review, we have not found any reason for players to be alarmed or avoid the current builds. We will continue to investigate the situation and will update news outlets and players if we find anything to prove otherwise. In the meantime, if anyone has more information about the leak, the Valve security page describes how best to report that information.”
Likewise, the official Team Fortress 2 Twitter had a similar message to players, recommending players stick to official servers.
“From our review, we have not found any reason for TF2 players to be alarmed or avoid the current builds (as always, playing on the official servers is recommended for greatest security),” the Tweet reads.
There’s no telling what modders can do with this code on unofficial servers, so best avoid those for now.