Steam is an online platform that offers multiplayer gaming and social networking. Steam’s concurrent users jump to above 12 million daily, and is one of the most popular gaming networks. Earlier this week a massive vulnerability in the Steam software was reported.
Yesterday the exploit was revealed on Steam’s subreddit by one of their moderators, R3TR1X. The moderator stated that there was a risk of phishing and malicious script execution when viewing profile pages or one’s own activity feed. The moderator was intentionally vague with the warning to prevent others from exploiting the vulnerability.
The XSS (Cross-site scripting) vulnerability was found and quickly patched by the Steam team. After the fix, the community exploit was then explained via a separate post. Steam concluded, “In truth [you are likely not infected], it is incredibly unlikely with the window of it becoming popular being quite small before Valve patched it up.”