kot-headerlogo-01 A U

See Games Differently

Subscribe

Security Company Finds Chink In Steam’s Armour

Luke Plunkett Avatar
Luke Plunkett


Of course, an online security company has a vested interest in pointing out security loopholes, but still, this makes for interesting reading.

Revuln has taken a look at how Steam runs and has found a tiny security loophole in the way the Steam browser protocol uses a URL handler to perform basic tasks like installing and executing games.

Seems Apple’s Safari can run these commands without the user knowing, meaning attackers could potentially use the browser as a means of sliding in and compromising all kinds of games.

I know, Safari, but a hole is a hole, and the way Revuln found it and detail it is pretty good reading.

STEAM BROWSER PROTOCOL INSECURITY [Revuln, via PC Gamer]

The Cheapest NBN 1000 Plans

Looking to bump up your internet connection and save a few bucks? Here are the cheapest plans available.

At Kotaku, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments

15 responses to “Security Company Finds Chink In Steam’s Armour”

READ THE COMMENTS

Leave a Reply

Your email address will not be published. Required fields are marked *