Valve Patches Security Flaw That Allows Installation of Malware via Steam Games


Userlevel 7
Badge +54
July 20, 2017   By Catalin Cimpanu


 
A vulnerability in Valve's Source SDK, a library used by game vendors to support custom mods and other features, allows a malicious actor to execute code on a user's computer, and optionally install malware, such as ransomware, cryptocurrency miners, banking trojans, and others.
 
The issue came to light today when security researcher Justin Taft of One Up Security published a report detailing his findings.
 
The vulnerability is a simple buffer overflow in the Source SDK. The buffer overflow can be exploited by an attacker to append a piece of malicious code and execute it on a targeted machine.
 
Full Article.

0 replies

Be the first to reply!

Reply