IE Gets Blame for Theft of Half Life 2 Code

Security experts are blaming unpatched flaws in Internet Explorer for the theft of the source code of the much anticipated video game.

Security experts are blaming known but unpatched vulnerabilities in Microsoft Corp.s Internet Explorer for the theft and distribution of the source code for a much anticipated new video game.

The source code for Valve Corp.s Half Life 2, a sequel to the popular shoot-em-up game that was due out by December, was posted on the Internet on Thursday, according to a statement from Valve Managing Director Gabe Newell.

The theft of the code, which was made available for download on the Net, came after a monthlong concerted effort by hackers to infiltrate Valves network. Malicious activity in the Valve network included denial-of-service attacks, suspicious e-mail activity and the installation of keystroke loggers, Newell added.

This theft is only one item on a long list of security-related problems for the Redmond, Wash. software maker this week. Other happenings included the discovery of more security flaws in Internet Explorer and the filing of a class-action lawsuit against Microsoft over such vulnerabilities in both applications and system software. And the company was also stung by a recent report arguing that the dominance of Windows is a hindrance to computing security.

"This is what happens when you have 31 publicly known unpatched vulnerabilities in IE," wrote Thor Larholm, senior security researcher for PivX Solutions LLC, in a posting to the NTBugTraq mailing list. "I have seen screenshots of successfully compiled HL2 installations, with WorldCraft and Model Viewer running atop a listing of directories such as hl2, tf2 and cstrike."

Newell is seeking the Internet and gaming communities help in tracking down the code thieves. The company has set up an e-mail address,, to collect information and tips on the hack.

Discuss this in the eWEEK forum.