Any software is vulnerable to security flaws, especially those that are updated periodically (due to possible “backdoors” left open by developers) and those that are connected to the Internet. Steam is no exception, as a Steam exploit has now been released that made millions of users vulnerable over the past 10 years.
An exploit is a security flaw that a hacker can use to sneak malware into a program and infect a computer or get private data, among others.
Steam is a very attractive target, as it has data from video games and companies but also from millions of users who have shared their addresses and bank details with the platform.
Software security flaws are very common, in general, but when a service like Steam, Xbox Live or PSN, for example, is vulnerable, it exposes millions of users of the platform in question to hackers and malware.
The worst part is that the Steam exploit has been around for the past 10 years.
How is this possible?
According to Tom Court, a security expert at Context, this was a Steam exploit that, in addition to being on the platform for 10 years, was extremely easy for a third party to use to take over the users’ PCs.
This security flaw is extremely serious on the part of Valve, the company in charge of the Steam service, as it seems, according to Court, that the platform was not prepared to protect itself against the development of new exploits, something that could put more than 15 million users on Steam at risk.
Valve released a patch last year that solved much of the problem but there was still a backdoor that could be used by hackers to sneak into Steam’s network and infect users’ computer or grab private data.
Tom Court himself gave a demonstration that shows us how to open the calculator on a computer, remotely, via this Steam exploit, in a video called “A Remote Code Execution Vulnerability in the Steam Client”.