New Nintendo Switch Units Can’t Be Exploited via the “Fusée Gelée” Hack Anymore
Earlier this year, hackers discovered a Nintendo Switch vulnerability that could enable users to run arbitrary code on all current consoles. The bug, dubbed “Fusée Gelée” or “Frozen Rocket”, exploits code in the NVIDIA Tegra X1’s USB recovery mode, bypassing the mechanism that is supposed to protect the critical bootROM. The bug effectively enables users to run pirated games.
While the hack cannot be patched on existing hardware, as we originally reported, Nintendo hasn’t been sitting idle in its anti-piracy efforts. (With well over 15 million Tegra 210-powered Nintendo Switch consoles on the market and the release of custom firmware solutions presumably close, the homebrew scene is likely to thrive, as is piracy.) It appears the latest models introduced to the market are potentially carrying a patch for this exploit. SciresM, a Switch hardware hacker, reports that some retail units already come with NVIDIA Tegra chips that are protected against Fusée Gelée-based exploits.
Bad News: Reports of new Switches in the wild not being vuln to f-g… probably updated ipatches.
Good news: they're coming with 4.1.0 for now, which is vuln to deja vu.
Friendly reminder: if you want a hacked switch, don't update. The lower the better. This is still very true.
— Michael (@SciresM) July 10, 2018
Kate Temkin, who found the exploit in the first place, tweeted that these patched consoles aren’t likely to be Mariko (overhauled Switch hardware meant to get rid of the flaw), as they are shipping with firmware 4.1, not 5.0.
SciresM added that Nintendo probably patched the Nvidia chip with a system that prevents the USB recovery flaws hackers were previously exploiting. “Friendly reminder: if you want a hacked switch, don’t update,” he tweeted. “The lower the better. This is still very true.”