Ntauthority remote play patch5/30/2023 ![]() ![]() The vulnerability exists in the Steam Client Service, which runs on Windows computers with system privileges. Yet Steam’s owner, Valve, determined that the flaw was “not applicable” after Kravets submitted it via the HackerOne bug-bounty platform. Given that Steam says that it has more than a billion registered users worldwide (and 90 million active users, who sign up to play games like Assassin’s Creed, Grand Theft Auto V and Warhammer), the attack surface is potentially massive. The bug is a privilege-escalation vulnerability that can allow an attacker to level up and run any program with the highest possible rights on any Windows computer with Steam installed, according to independent researcher Vasily Kravets (a.k.a. Valve then published a patch, that the same researcher said can be bypassed. A researcher has dropped a zero-day vulnerability that affects the Steam game client for Windows, after Valve said it wouldn’t fix it.
0 Comments
Leave a Reply. |