Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 1 Vote(s) - 2 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Steam Windows Client Facing Zero Day: Valve Appearing Complacent
[Image: dims?quality=85&image_uri=https%3A%2F%2F...c64009523f]


                    Steam is facing some scrutiny after a Zero Day that has affected some 125 million users, is seemingly ignored by Valve, and was even labeled as N/A. Afterwards the threat was closed. This drew criticism from the security as well as the their own community. Miainly, the Zero-Day was ignored. that because the Zero-Day didn't fit into the scope of their bounty program. 

         The Zero-Day itself, is as follows, the vulnerability resides in the Steam Client Service. When the SDDL was reviewed, it was discovered that any user in the "Users" group can start and stop any program. Apparently, Users have permissions for all keys and subkeys. 

         While the report was filed, it doesn't seem like Valve will be addressing the Zero-Day, if it has been addressed, they have not given an official report. 

         Original article can be found here

                     That was the news folks, have a good day, and stay safe out there.


01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011

Users browsing this thread: 1 Guest(s)