News

Valve fixes remote code execution leak in Steam after two years

By admin
Spread the love

Valve has fixed a remote code execution vulnerability in Steam, but similar vulnerabilities still exist. Security researchers recently revealed that there are several RCEs in Steam and Source games that haven’t been patched for years.

According to German hacker Florian, Valve has now fixed the vulnerability he found and is allowed to share the details about it. He hasn’t done that yet, but he writes on Twitter that a detailed technical report is on the way.

Last week, hacker group Secret Club highlighted the existence of various rce vulnerabilities in Steam and Source games. The bugs were reported a long time ago via bug bounty platform HackerOne, which Valve is affiliated with. However, Valve did not fix the errors and initially did not respond to messages from the security researchers. The details of the leaks have not been made public.

After repeatedly contacting Valve and HackerOne, Florian did receive compensation for his find, but two years after reporting the vulnerability, it had not yet been resolved. That is now the case. Valve itself has not publicly commented on the matter and it is not known whether the other leaks will also be closed in the short term.

You might also like
News

X begins to deploy the audio and video calling function (but only paying users can…

News

Rumor: Apple is working on its own applications based on a large language model

News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

EU Council determines position on security requirements for digital products

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Meta introduces open source language model Llama 2, works on PCs and phones