[Ars Technica] Severe local 0-Day escalation exploit found in Steam Client Services

Silav101

Member
Oct 26, 2017
351
From the comments in the article itself (ArsTechnica has really useful comments, sometimes even better than the article):

======

Artem S. Tashkinov Wise, Aged Ars Veteran

This vulnerability looks scary ... only until you realize that Steam allows game devs to install any additional applications/libraries which means a bad "game" developer can similarly force the user to install whatever malware the developer wants. And I'm pretty sure Valve does not require game devs to show their source to the company, so it's all based on mutual trust which can be breached.

On the other hand this vulnerability allows malware, when it detects that Steam is installed, to gain additional SYSTEM level privileges clandestinely which is really really bad, as it completely circumvents Windows security and makes the UAC prompt useless.

If Valve isn't already fixing this glaring hole, Microsoft should intervene and request an immediate response.

=======
 

Weltall Zero

Member
Oct 26, 2017
9,885
Madrid
lmao

Those are some edgy 5th graders
Sound like normal 5th graders to me, but of course I'm Spanish...
(it never fails to crack me up how limited the choices for curse words are in English. Translating the average Spanish expletive-laden tirade to English results in either a completely hilarious and unnatural sequence of words, or the word "fuck" repeated like fifteen times).
 

BronsonLee

it me
Member
Oct 24, 2017
16,189
From the comments in the article itself (ArsTechnica has really useful comments, sometimes even better than the article):

======

Artem S. Tashkinov Wise, Aged Ars Veteran

This vulnerability looks scary ... only until you realize that Steam allows game devs to install any additional applications/libraries which means a bad "game" developer can similarly force the user to install whatever malware the developer wants. And I'm pretty sure Valve does not require game devs to show their source to the company, so it's all based on mutual trust which can be breached.

On the other hand this vulnerability allows malware, when it detects that Steam is installed, to gain additional SYSTEM level privileges clandestinely which is really really bad, as it completely circumvents Windows security and makes the UAC prompt useless.

If Valve isn't already fixing this glaring hole, Microsoft should intervene and request an immediate response.

=======
What was the last time a Steam game had malware wrapped up in it? I remember a Bitcoin miner or something, and something weird with SFV, but it's a few and far between kinda thing
 

Exzyleph

Member
Oct 25, 2017
560
What was the last time a Steam game had malware wrapped up in it? I remember a Bitcoin miner or something, and something weird with SFV, but it's a few and far between kinda thing
SFV didn't have a bitcoin miner, but it did have a terribly implemented anti-cheat system that practically speaking worked like a root-kit:

It was not intentionally malicious, but it was so poorly designed that it might as well have been.
 

BronsonLee

it me
Member
Oct 24, 2017
16,189
SFV didn't have a bitcoin miner, but it did have a terribly implemented anti-cheat system that practically speaking worked like a root-kit:

It was not intentionally malicious, but it was so poorly designed that it might as well have been.
Yeaahh, now I remember, I keep forgetting the details for that bugger

Thanks for the article~
 

derFeef

Member
Oct 26, 2017
5,069
Austria
What was the last time a Steam game had malware wrapped up in it? I remember a Bitcoin miner or something, and something weird with SFV, but it's a few and far between kinda thing
Watch your game updates (if you have any weird games installed...) and don't buy anything silly. Now that this is known everyone can stay safe and Valve/MS can fix it quickly hopefully.
 

Silav101

Member
Oct 26, 2017
351
What was the last time a Steam game had malware wrapped up in it? I remember a Bitcoin miner or something, and something weird with SFV, but it's a few and far between kinda thing
I believe that it means other malware that is not even Steam or gaming related can utilize the escalation of privilege vulnerability in the Steam service. Personally I rate the possibility of an actual attack via the Steam platform itself as on the low side (but not zero). The issue would be other malware that can piggyback on the vulnerability in the Steam service, instead of via a browser, etc.
 

BronsonLee

it me
Member
Oct 24, 2017
16,189
I believe that it means other malware that is not even Steam or gaming related can utilize the escalation of privilege vulnerability in the Steam service. Personally I rate the possibility of an actual attack via the Steam platform itself as on the low side (but not zero). The issue would be other malware that can piggyback on the vulnerability in the Steam service, instead of via a browser, etc.
Yeah that sounds more logical for this one tbh
 

Kthulhu

Member
Oct 25, 2017
9,309
TIL there are people who turn off UAC. Do y'all hate typing in your password that much and/or clicking a button?
 

Gentlemen

Member
Oct 25, 2017
3,686
TIL there are people who turn off UAC. Do y'all hate typing in your password that much and/or clicking a button?
When it was first introduced as a Windows feature it was extremely disruptive. People could barely do anything without Windows asking them if they were very, very, very sure they wanted to do it. This gave it a bad rep and pretty soon the Family Tech Support default response was to disable it.
It's far less disruptive now but the horrid first impression left a bad taste in a lot of mouths.
 

Kthulhu

Member
Oct 25, 2017
9,309
When it was first introduced as a Windows feature it was extremely disruptive. People could barely do anything without Windows asking them if they were very, very, very sure they wanted to do it. This gave it a bad rep and pretty soon the Family Tech Support default response was to disable it.
It's far less disruptive now but the horrid first impression left a bad taste in a lot of mouths.
Wasn't the reason it was implemented that XP was so easy to infect?
 

RPG_Fanatic

Member
Oct 25, 2017
1,110
Well, this is certainly troublesome. I will just have to make sure I don't do something stupid to allow the access needed for this exploit.
 

funky

Member
Oct 25, 2017
7,085
Valve address major issue only after it gains a bunch of traction in the press story #87.


Exploits happen. Can't blame Valve on that. Let's just hope they look at how seriously they take reports in the future so this shit doesn't make it to the public again as easily.