Steam network with security hole
When it comes to gaming, many people know Steam, a platform where you
can purchase and download games from. The advantage: You don’t have to
store hundreds of discs somewhere in some shaft once you have installed a
game. The disadvantages: You need an online connection and there are risks.
One of the risks which seem to be of a rather important category is the way, how the Steam client or the system is treating special URL-Streams. So is it possible to run and modify batch files with an URL like this
steam://run/id/language/url_encoded_parameters
The danger in between is that this modified URL is also capable to read log files and/or modify batch files if the string is properly formed. All the attacker needs to know, is, which games the victim has installed.
Although the danger looks serious, there are browsers which warn the user before opening a special URL protocol type like the given one. The only sad exception: Apple and it’s browser Safari which tends to bypass these URL protocol types without any warning.
Valve is adressing this problem and trying to issue a suitable patch.
Leave a comment