A few months back, there was the word of a new “unpatchable” exploit on the Nintendo Switch which allowed hackers to run custom firmware, homebrew consoles, and of course, pirated games and software on the Switch’s existing hardware.
Nintendo has been reported that they’ve patched the exploit by selling newly-patched hardware in newer Switch models that have been fixed at the factory-level in order to prevent the exploit.
The report comes from SciresM, a well-known hacker in the Switch world, who wrote that some Switch units on retail shelves are not vulnerable to the exploit known as “Fusée Gelée.” SciresM also suspects that Nintendo has used the iPatch system on the GPU to burn the protective code into the boot ROM, which cuts of the USB recovery mode overflow error that was the previous entry point.
The iPatches are simple for Nintendo to patch in while the console is being produced in the factory, but it’s impossible to load onto the millions of Switch units that are already in circulation.
The newer “patched” units are running firmware version 4.1.0, which has been outdated since the 5.0.0 release in March. This means that they’re not really new in terms of firmware, but rather suggests that the “patched” units were already built earlier this year and Nintendo was on the case.
Nintendo is reported to have utilized data from various hacking groups like Team fail0verflow and Team ReSwitched to get the head start in order to protect their hardware before the hack was released to the public. These groups told the big N about the vulnerabilities before they released their hacks, which gave Nintendo some time to patch it in the next update. That explains the older firmware version.
Regardless, the older firmware is still vulnerable to a software-level exploit called deja vu, which was patched in systems with 5.0.0 or later. This puts Nintendo in a cycle between the two exploits.
So to keep things simple: the 4.1.0 units are “patched” against “Fusée Gelée,” but are vulnerable to deja vu. Whereas the new 5.0.0 units are safe from deja vu, but vulnerable to “Fusée Gelée.” Quite a pickle.
For now, Nintendo continues to ban hacked systems from its network.