Security experts are blaming known but unpatched vulnerabilities in Microsoft Corp."s Internet Explorer for the theft and distribution of the source code for a much anticipated new video game. The source code for Valve Corp."s Half Life 2, a sequel to the popular shoot-"em-up game that was due out by December, was posted on the Internet on Thursday, according to a statement from Valve Managing Director Gabe Newell. The theft of the code, which was made available for download on the Net, came after a monthlong concerted effort by hackers to infiltrate Valve"s network. Malicious activity in the Valve network included denial-of-service attacks, suspicious e-mail activity and the installation of keystroke loggers, Newell added.
This theft is only one item on a long list of security-related problems for the Redmond, Wash. software maker this week. Other happenings included the discovery of more security flaws in Internet Explorer and the filing of a class-action lawsuit against Microsoft over such vulnerabilities in both applications and system software. And the company was also stung by a recent report arguing that the dominance of Windows is a hindrance to computing security. "This is what happens when you have 31 publicly known unpatched vulnerabilities in IE," wrote Thor Larholm, senior security researcher for PivX Solutions LLC, in a posting to the NTBugTraq mailing list. "I have seen screenshots of successfully compiled HL2 installations, with WorldCraft and Model Viewer running atop a listing of directories such as hl2, tf2 and cstrike."