Sone166 Patched Page

Some legacy applications (e.g., a 2018 game called Synthwave Racers) were abandoned before the patch. In that case:

Although no widespread attacks occurred before the patch, researchers documented a targeted campaign against a game development studio. The attackers sent a .wav file with malformed SONE metadata. When the studio’s sound designer opened the file in their DAW, the sone166 exploit triggered and installed a keylogger. The studio lost source code for an unreleased game.

That incident pushed the patch from "recommended" to "critical." sone166 patched

An attacker with low user privileges (e.g., a malicious VST plugin downloaded from a torrent site) could:

Security firm RedSigma Labs reported in February 2026 that 12% of enterprise workstations running digital audio software were potentially vulnerable to remote code execution via malicious audio files. Some legacy applications (e

Fixed a bug and applied related improvements in module(s) impacted by sone166.

If you are a developer, musician, or system administrator using software that relies on SONE, here is how to verify your status. Although no widespread attacks occurred before the patch,

The sone166 patched version introduced three novel fixes:

From a developer perspective, applying the fix required recompiling all dependent audio plugins against the new SDK. Major vendors (e.g., SpectraSound, ToneForge) released updates within two weeks.

A: Only if you:

If you only use legitimate, updated plugins and keep your DAW current, you are safe.