Steam browser vulnerability puts users at risk

Steam vulnerability

The steam:// URL is a quick way to install and launch games from a browser.

Hardware and software security company Revuln pointed out that Safari can launch steam:// commands silently without the user knowing, providing a window of opportunity for attackers.

The report highlights ways in which local processes that exist on our PCs as part of game installations could be dangerous. Revuln highlighted different attack strategies using Source and Unreal engine games. The good news is that major browsers like Internet Explorer, Firefox, Chrome and Opera, give warning before programs are launched but if you hide the warning by default for Steam links (like I did) you might be in trouble.

For now avoid Safari and, as always, say no to any unexpected program launches. Also who the hell uses Safari on PC?

Edit:

Here’s Revuln’s PDF with detailed description

Source: PC Gamer

No votes yet.
Please wait...
Next PostRead more articles

stranded

I run this place! :D

This Post Has 6 Comments

  1. Rose Martine

    “Nice post. I learn something new and challenging on sites I stumbleupon every
    day. It’s always useful to read content from other writers and use something from other web sites.”

    No votes yet.
    Please wait...
  2. Deep Web

    “Your style is so unique in comparison to other people I’ve read
    stuff from. Thanks for posting when you hav the opportunity,
    Guess I will just bookmark this page.”

    No votes yet.
    Please wait...
  3. stranded

    This post was more of a warning to all Steam users to watch out what they’re doing, we didn’t want to blame Valve or anyone if that helps.

    No votes yet.
    Please wait...
  4. SilentBugler

    With this kind of attack any application that is allowed to interact with or launch other applications on the system can be an infection vector, this is just one specific case among thousands of similar vulnerabilities. If you want to be permanently protected from this kind of attack you must have a HIPS firewall.

    No votes yet.
    Please wait...
  5. Elbart

    @d32
    Sure, but Steam’s still doing the dirty work.

    No votes yet.
    Please wait...
  6. d32

    Rational man already avoids anything produced by Apple, Inc.

    No votes yet.
    Please wait...

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.