New Steam vulnerability might put your personal data at risk

2 minute read
Steam's zero day exploit vulnerability might affect millions

Home » News » New Steam vulnerability might put your personal data at risk

Steam is one of the biggest gaming platforms in the world, and it’s used by a lot of Windows 10 users for their daily gaming sessions.

Now, millions of Windows 10 gamers could be at risk because of a “zero-day” security vulnerability that affects Steam.

Steam’s security might be compromised

The issue was found by a security researcher, Vasily Kravets, who stated that the vulnerability could open the affected PCs to malware attacks, data and password stealing, and more.

Here’s what the security researcher said in his public disclosure:

45 days have gone since the initial report, so I want to publicly disclose the vulnerability. I hope this will bring Steam developers to make some security improvements. So, now we have a primitive to take control on almost every key in the registry, and it is easy to convert it into a complete EoP (Escalation of Privileges). After taking control, it is only necessary to change ImagePath value of the HKLMSYSTEMControlSet001Servicesmsiserver key and start “Windows Installer” service. The program from ImagePath will be started as NT AUTHORITYSYSTEM.

Escalation of Privileges in Steam may lead to data and password loss

This is a privilege escalation vulnerability that allows an attacker with minimal access permissions to get system admin permissions. This means that malware with these raised privileges could affect your privacy and personal data:

Some of the threats will remain even being run without administrator rights. […] the high rights of malicious programs can significantly increase risks, programs could disable antivirus, use deep and dark places to hide and change almost any file of any user, even steal private data.

This issue with the Steam Client Service is pretty big and could lead to many unwanted problems.

Share your thoughts about Steam‘s “zero-day” security vulnerability in the comments section below and we’ll continue the talk.

Discussions

Next up

Browser not showing images? Here’s how you fix this

Alexandru Voiculescu By: Alexandru Voiculescu
2 minute read

Browsers are essential tools for surfing the Internet. Also, the interface of any browser is crucial for providing a user-friendly experience. However, this feature is […]

Continue Reading

Fix Power Bi column errors with these quick solutions

Tashreef Shareef avatar. By: Tashreef Shareef
3 minute read

While using the Power Bi desktop app you may face some issues with your data and file. One such error is related to Power Bi […]

Continue Reading

FIX: Try opening this file in another app error in Windows 10

Tashreef Shareef avatar. By: Tashreef Shareef
3 minute read

The built-in Windows Photos app allows you to edit photos as well as play videos of multiple formats apart from viewing images. Sometime, the app […]

Continue Reading