Skip to main content

Nintendo kills 3DS browser exploit via new firmware update

No more Pokémon Shuffle or ROM injection hacks.

Nintendo has issued a new 3DS firmware update that blocks a major web browser exploit.

Pokémon Shuffle's shop was hacked so that all purchases became free.

The hack had allowed users to inject code within downloaded games, allowing for a number of illegal uses.

A method was discovered to run pirated Game Boy Color ROMs with relative ease, for example.

Another piece of code changed the 3DS' settings so it became region-free.

Last week, an exploit emerged that allowed users to bypass paying for microtransactions in free-to-play puzzler Pokémon Shuffle, just days after the game's launch.

The web browser exploit was only available on the original 3DS, 3DS XL and 2DS. The New 3DS and 3DS XL models were immune to the method as they feature an updated browser app.

Nintendo's new system update 9.5.0-23, available from today, updates the 3DS web browser and closes the exploit loophole completely. For the moment at least, none of the above exploits are no longer working.

Read this next