Valve Patches Security Bug That Existed in Steam Client for the Past Ten Years (bleepingcomputer.com)
Valve developers have recently patched a severe security flaw that affected all versions of the Steam gaming client released in the past ten years. From a report: According to Tom Court, a security researcher with Context Information Security, the one who discovered the flaw, the vulnerability would have allowed an attacker to execute malicious code on any of Steam's 15 million gaming clients. In the jargon of security researchers, this is a remote code execution (RCE) flaw because exploitation was possible via network requests, without needing access to the victim's computer. Court says an attacker was only required to send malformed UDP packets to a target's Steam client, which would have triggered the bug and allowed him to run malicious code on the target's PC.
Unless someone has their machine connected directly to the internet (in which case you've got a whole lot of bigger problems), what's the likelihood that this would actually be exploited?
An attack sourced from the Internet would be highly unlikely, or more specifically would be zero percent for the vast majority of Steam users.
LAN attacks are more realistic, especially if one is the LAN party hosting type.
Malware that makes it behind the NAT could also be used to exploit this.
PC-infecting malware for certain could be used to reach and infect other systems running Steam on the LAN other than the infected one.
Can web browsers do UDP from their sandbox these days?
There has been browser-based malware in the past that utilized TCP sockets to attack home routers' web interfaces from the inside LAN side.
While I admit I don't know, part of me still hopes UDP is a thing kept out of the JavaScript and sandbox passing commands available to the browser, but fear I could be wrong...
The only thing that means is that Valve is not writing new and really bad code all the time, they actually and sanely keep what works and improve it. Yes, sometimes that takes long, but nobody with an actual clue is surprised by that.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
It's an overflow bug. There's nothing peculiar or rare about it.