Skip to main content

Security flaw found in Steam

posted onOctober 18, 2012
by l33tdawg

Hackers could have a new means of accessing your computer through a browser command which utilizes Valve's software distribution system Steam. When your browser accesses a URL that begins with the command "steam://", it will prompt your copy of steam to launch and perform some operation. Usually, such an operation would be to launch a game, or install or uninstall software.

 Unfortunately, it seems this allows hackers a backdoor to install or run compromising software on your computer, including using exploits in games with the source- and unreal-engines. Some browsers, such as Chrome or Internet explorer will not access such a URL without first prompting you; however Safari, and Steam's own browser will run these URLs without question. Firefox lies somewhere in the middle. It will ask you to confirm, but will not alert you that there may be a risk involved (unsurprisingly perhaps, as the command is meant to be associated with steam).

Source

Tags

Security Games

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th