If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Mojang fix Minecraft vulnerability that allowed players to crash servers

Coder openly details method after waiting two years for fix.

Mojang has issued an update for the PC version of Minecraft after a coder detailed an easy-to-manipulate vulnerability that allowed players to crash servers.

Pakistan-based developer Ammar Askar openly showcased the method via his blog last night after nearly two years of waiting for developer Mojang to respond (thanks, Ars Technica).

Askar first discovered the exploit back in July 2013, and promptly contacted Mojang so the studio could patch it out.

It took until a second message for Mojang to acknowledge his message, but the bug remained unfixed.

Askar gave up on contacting Mojang after sending two more messages. Now, nearly two years later, he decided the only way to draw attention to the issue was to reveal it openly and hope that Mojang would be forced to respond.

"The version of the game when the vulnerability was reported was 1.6.2, the game is now on version 1.8.3," he wrote.

"That's right, two major versions and dozens of minor versions and a critical vulnerability that allows you to crash any server, and starve the actual machines of CPU and memory was allowed to exist.

The exploit works by flooding the game's servers with information about a particular inventory slot. Askar discovered that it was easy to create code that the game struggled to understand - to the point where the server would crash.

Since revealing the issue, Mojang has since been in touch and has finally published a fix.

Will you support Eurogamer?

We want to make Eurogamer better, and that means better for our readers - not for algorithms. You can help! Become a supporter of Eurogamer and you can view the site completely ad-free, as well as gaining exclusive access to articles, podcasts and conversations that will bring you closer to the team, the stories, and the games we all love. Subscriptions start at £3.99 / $4.99 per month.

About the Author

Tom Phillips avatar

Tom Phillips

Deputy Editor

Tom is Eurogamer's deputy editor. He writes lots of news, some of the puns and makes sure we put the accent on Pokémon.

Comments

More News

Latest Articles

Supporters Only

Eurogamer.net logo

Buy things with globes on them

And other lovely Eurogamer merch in our official store!

Eurogamer.net Merch