Steam suffers from security flaw

Steam has been doing really well lately offering more and more games and recently non-gaming software but a security flaw has been just found that may compromise your PC and make it vulnerable to hacker attacks.

The bug is hidden in a browser command that utilizes Valve’s software distribution system. When a browser accesses a URL that starts with the command “steam://” it will prompt your copy of Steam to launch and perform an operation. In most cases this operation would launch a game or install/uninstall software.

It is exactly this command that leaves a backdoor to be exploited by hackers that can install and run compromised software on any Steam computer, including exploits for games with different engines. Some browsers such as Chrome or IE will first ask you whether you want to access the URL but some other such as Safari and Steam’s own browser won’t.

No attacks have been reported so far and a patch is being worked on as we speak but until then be careful when using Steam.