stinger608
Dedicated TPU Cruncher & Folder
- Joined
- Nov 11, 2008
- Messages
- 11,115 (1.97/day)
- Location
- Wyoming
System Name | Dean Machine/2020 Ryzenfall |
---|---|
Processor | Intel 4790K/AMD Ryzen 3700X |
Motherboard | MSI 1150 Gaming mATX/Gigabyte AORUS ELITE B550 |
Cooling | Cooler Master Hyper 212 LED/SilverStone AH240 AIO |
Memory | 16 gigs Crucial Ballistix Tactical Tracer/16 gigs G.Skill TridentZ NEO DDR4 |
Video Card(s) | Gigabyte 1660 Super/Gigabyte GTX 1660 |
Storage | Crucial SSD 256 and 2TB spinner/Dual Samsung 980 Pro M2 NVME 4.0 |
Display(s) | Overlord 27" 2560 x 1440 |
Case | Corsair Air 540 |
Audio Device(s) | On board |
Power Supply | Seasonic modular 850 watt Platinum/EVGA T2-850 Titanium |
Software | Windows 10 Pro/Windows 10 Pro |
ARSTechnica said:Millions of Steam users are potentially vulnerable to a newly disclosed attack method that exploits a hole in the way Steam commands interact with certain games, Web browsers, e-mail clients, and other software.
Security researchers at ReVuln, based in Malta, published details of the attack [PDF] earlier this week. The vulnerability resides in the Steam Browser protocol, which is commonly used by websites such as the Steam Web Store to install, uninstall or launch Steam games and perform other common tasks, using URLs starting with "Steam://". By getting a user to click a link to a specially formed Steam URL, an attacker can remotely exploit buffer overflow bugs and other vulnerabilities in various Steam games and in Steam itself to create and run malicious code on a target's machine, as shown in a posted proof of concept video.
Here is the entire article over at ARSTechnica:
http://arstechnica.com/security/201...n-lead-to-remote-insertion-of-malicious-code/
Needless to say, people should take precautions to prevent such an attack.