Steam security loophole discovered; Safari users need to be particularly aware

steam_exploit_unlock_valve

ReVuln have spotted a vulnerability in the Steam service that allows you to be redirected to malicious sites and programs when clicking a Steam link. Whilst potentially effective for all browsers, if you use Safari you need to be particularly aware of this exploit.

Details below.

PC Gamer spotted this report by ReVuln which details how, because Steam uses its own URL handler, nasty types can use the Steambrowser to make redirect you to afoul little program.

In their words: “If you are familiar with Steam, you know that every user gets a personal profile page and on this page it’s possible to include information like pictures and videos.While pictures provided by the users get uploaded on Steam, videos are just links to YouTube videos. If a user tries to view a video attached to a profile, the user will get a page in which there is only the video, so no comments or description coming from YouTube. But if the user clicks on the title of the video (i.e. to leave comments on the YouTube video) then a new window is opened with all the details about the video including comments and description. So a malicious user can include links to external hosts, which can remotely invoke Steam commands by using the usual steam:// URLs. With this strategy the Steam browser will execute the protocol handler calls without any warnings.”

Browsers such a Safari don’t give a warning that they’re launching anexternal program and so you are more at risk then others.

Hopefully Valve are getting on top of this exploit. We’re contacting them to check what’s being done.