Steam Could Be Vulnerable

Gamers aren't very satisfied with the idea of Steam as a vulnerable place, but it seems that it's more than rumor. According to ReVuln researchers, there are several security flaws inside Steam, so you should be careful or your PC might be compromised.

Steam Could Be Vulnerable

Steam Could Be Vulnerable 

Luigi Auriemma and Donato Ferrante are the ReVuln (based in Malta) researchers warning of Steam vulnerabilities. It seems that chaos can start from a mere URL, using the protocol steam://, once is redirected. Either you believe it or not, during the weeks to come, it's wiser to avoid Internet Explorer and Chrome, since these browsers present warnings.

Concretely, if you want experience on your own computer, try to use Chrome for accessing Steam. Google's browser will react unnaturally, redirecting the link. Opera is a little bit more transparent, presenting a warning and showing the first 40 characters of the URL being called, Firefox requests a confirmation, but doesn't show the URL and Safari will simply execute the program, without any warning.

Steam Could Be Vulnerable

Steam Could Be Vulnerable 

How is it possible? After all, Steam was reckoned to be one of the securest gaming platforms. It seems that attackers used malicious YouTube links within Steam user profiles to lure users. If they are so innocent to leave comments, would be phished with malicious URLs. From there, attackers could exploit vulnerabilities and the rest is the history of a damaged computer.

According to the researchers, who already launched a video for determining you to be precautious, you should disable the steam:// URL protocol handler manually or with a specialized application.

Valve, Steam's creator, hasn't yet any comment on this topic.


Topics: , , , , ,

Did you like this? Share it:

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>