• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 28th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Gaming

Steam fixes 10-year-old critical remote code execution vulnerability

June 2nd, 2018 Waqas Security, Gaming 0 comments
Steam fixes 10-year-old critical remote code execution vulnerability
Share on FacebookShare on Twitter

A vulnerability in the Steam client was an open door to hackers for more than 10 years. The vulnerability was discovered by security researcher Tom Court of Contextis, who warned Steam and the good news is that it was quickly shut down by Steam developers Valve.

According to Court, Steam software allowed malicious hackers to carry remote code execution attacks. In this way, it was possible to control a user’s machine – The vulnerability was highly critical since more than 15 million people are using Steam.

This happened because Steam sent UDP (User Datagram Protocol) packets to communicate with the client. The UDP packet is similar to TCP (Transmission Control Protocol), however, it is faster. To exploit the vulnerability, an attacker only had to send an altered UDP packet.

Steam fixes 10-year-old critical remote code execution vulnerability

According to Valve, there is no indication that malicious hackers took advantage of the vulnerability

“The error was caused by the absence of a simple check to ensure that for the first packet of a fragmented datagram the specific packet size is less than or equal to the total length of the datagram. present for all subsequent packets carrying fragments of the datagram,” noted the researcher in his blog.

After the Steam client encountered this failure, the memory limits of the software were popped up in one of the libraries. In this way, the client became a door open to hackers.

According to Valve, there is no indication that malicious hackers took advantage of the vulnerability. If you have Steam on your machine, ensure that the latest version is installed.

  • Tags
  • gaming
  • hacking
  • Steam
  • Technology
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article Visa card payment network goes down across Europe
Next article Personal data of over 50,000 Honda Connect App leaked
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
World's Most 'Resilient Malware' Botnet Emotet Taken Down

World's Most 'Resilient Malware' Botnet Emotet Taken Down

Top Cybersecurity Threats to Watch in 2021

Top Cybersecurity Threats to Watch in 2021

Database of 176 million Pakistani mobile phone users sold online

Database of 176 million Pakistani mobile phone users sold online

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
NetWalker ransomware disrupted - Cryptocurrency and domain seized
Cyber Crime

NetWalker ransomware disrupted - Cryptocurrency and domain seized

43
Transferring Whatsapp data from iPhone to Android with MobileTrans
How To

Transferring Whatsapp data from iPhone to Android with MobileTrans

29
World's Most 'Resilient Malware' Botnet Emotet Taken Down
Cyber Crime

World's Most 'Resilient Malware' Botnet Emotet Taken Down

82

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us