Steam Protocol Opens PCs to Remote Code Execution 128
Via the H comes news of a possible remote attack vector using the protocol handler installed by Valve's Steam platform: "During installation, it registers the steam:// URL protocol which is capable of connecting to game servers and launching games ... In the simplest case, an attacker can use this to interfere with the parameters that are submitted to the program. For example, the Source engine's command line allows users to select a specific log file and add items to it. The ReVuln researchers say that they successfully used this attack vector to infect a system (PDF) via a batch file that they had created in the autostart folder. ... In the even more popular Unreal engine, the researchers also found a way to inject and execute arbitrary code. Potential attackers would, of course, first have to establish which games are installed on the target computer. "
Re:Before anyone panics... (Score:2, Insightful)
Sounds alright to me. I can't recall ever clicking a steam:// link anyways.
I'm sure a couple lines of basic javascript would be able to do that on your behalf though.
How is this an exploit? (Score:2, Insightful)
Not sure what the real issue is...
Re:How is this an exploit? (Score:0, Insightful)
The real issue would be with your reading comprehension skills. Try reading it again.
Re:Why is this even on Slashdot (Score:5, Insightful)
Re:Too late.. (Score:3, Insightful)
Nonsense. Unless you count potentially buggy(buggier?) games with frequently painful install procedures, possible Trojans and viruses and often other game experience limitations.
That hasn't been my experience actually. Most problems I ever had with games were caused by the DRM. Pirate versions eliminate that.
Pirated games are only free if your time is worthless.
In other words "I had a hard time with it so everybody else does too". That just isn't true.
.exe and copying over the cracked version ONE SINGLE TIME just isn't a big deal. The problems I have had with DRM took up a lot more time than that.
Besides we are talking about games here. Free time is assumed. A few seconds deleting an
My experience with pirated games is so good that even if I buy the game I still install the pirate version. No offense but perhaps you are not technically competent in this area? Did you ever think maybe your personal experience is not universal?
URL handlers (Score:4, Insightful)
Oh look, yet another vulnerability caused by allowing web pages to start random applications on your system.
Who ever thought that was a good idea?