Steam URL protocol can be abused to exploit game vulnerabilities
When the Steam client is installed on a system, it registers itself as a steam:// URL protocol handler. This means that every time a user clicks on a steam:// URL in a browser or a different application, the URL is passed to the Steam client for execution.
Steam:// URLs can contain Steam protocol commands to install or uninstall games, update games, start games with certain parameters, backup files or perform other supported actions.
Attackers can abuse these commands to remotely exploit vulnerabilities in the Steam client or the Steam games installed on a system by tricking users into opening maliciously crafted steam:// URLs, ReVuln security researchers and founders Luigi Auriemma and Donato Ferrante said in research paper published on Monday.
...not too mention the whole thing is kind of annoying.
I've not seen anything suspicious yet, outside of random people trying to start chats claiming to be with steam
I usually just troll them for 5 or 10 minutes and block...
System Manufacturer/Model Number Insane hobo technologies. ;-) OS Windows 7 x64 CPU Intel i7 2600k Motherboard Asrock z68 extreme 4 gen 3 Memory G.skill Ripjaw 16gigs @ 1866 Graphics Card Nvidia gtx580 (evga) Sound Card Integrated HD audio + hdmi Monitor(s) Displays 24" ASUS widescreen + 42" insignia Screen Resolution 1080p (1920x1080)
Keyboard Microsoft wireless 3000 (v2) Mouse MS - wireless 5000 (bluetrack) PSU 1 kilowatt SLI/Crossfire rated Silverstone modular Case NZXT Phantom + additional 220 fan Cooling Zalmann Hard Drives 128 Samsung 830
256 Samsung 840
3 x 1tb storage drive (various)
1 western digital 1tb (eSATA)
1 Seagate 1tb (eSATA) Internet Speed depends on if you ask me or my provider. Other Info The above information is provided as is, and the author assumes no responsibility for issues it may cause with your sanity or fanboyism.
Steam URL protocol can be abused to exploit game vulnerabilities problems?