Nintendo's Patches Out 3DS Browser Exploit Through Firmware Update
Videogame pirates are an ingenious lot. Over the years many hackers have come up with extremely clever examples of reverse engineering on console systems to enable anything from pirated games to benign homebrewed software. Unlike Sony's PS3, which posed a considerable challenge and took a relatively long time for the hackers to break into, Nintendo's 3DS didn't pose much of a challenge.
At the end of 2014, hackers found a loophole in the Nintendo 3DS' inbuilt browser that allowed gamers to run pirated Game Boy ROMs. The hack worked by exploiting a buffer overflow in the handheld console's internal browser. It was expected that Nintendo would eventually patch out the exploit, and the Japanese console maker has indeed done so, according to Eurogamer. The company took surprisingly long to address the exploit since the patch came well over a month after the exploit was made public.
The exploit has been fixed with Nintendo's new system update 9.5.0-23, which works by updating the 3DS system browser and patching out the loophole permanently, as pointed out by VG247. The update has already gone live. According to user reports on various forums, none of the prior exploits seem to be working for those who have opted to upgrade to the latest firmware version.
The latest firmware update doesn't have any effect on the latest updates to the 3DS line – the New Nintendo 3DS, 3DS XL and 2DS – on this front as they are already immune to the browser exploit. That's because the new 3DS versions shipped preinstalled with an updated browser that didn't have the buffer overflow vulnerability. Gamers who wish to run homebrew and make good use of various other avenues using the browser exploit have chosen to avoid updating their 3DS systems altogether.
iDigitalTimes notes that the same browser exploit was used to great effect by "Pokemon" fans to save them a considerable amount of real-world money that would otherwise have been spent on in-game microtransctions. "Pokemon Shuffle" was susceptible to the browser workaround. The exploit allowed gamers to attain goodies from the in-game shop at no cost. 3DS users who unwittingly updated to the latest firmware found that they could no longer get items from the shop for free.
In case you have any feedback or wish tip us off, the author can be contacted at nachiketpg13@hotmail.com
Pokémon Shuffle — Meet Your Match (credit: The Official Pokémon Channel YouTube channel)