Skip to main content

Indie game storeFree gamesFun gamesHorror games
Game developmentAssetsComics
SalesBundles
Jobs
TagsGame Engines

Here's what actually happens 

Renpy have this file called zsync.exe that's work as an updater for renpy-based games. Most of the time it'd be harmless and beneficial. Yet it seems to have the ability to serve as a remote code execution (RCE) backdoor since its working mechanism is downloading patches from remote server and then execute however the devs want, if I get the source code & docs right.

So yeah it's mostly misunderstanding and false positive if i can said that because wow this is a huge vulnerability from renpy i hope it's get patch soon