We have just released a paper [1], in which we prove that the current implementation of the Steam Browser Protocol handling mechanism is an excellent attack vector to exploit local issues in a remote fashion. Steam [2] is the biggest gaming related digital delivery platform with an audience of more than 50 million people and supporting several different platforms including Windows, Mac OS and Linux. A demonstrating video [3] is available. [1] http://revuln.com/files/ReVuln_Steam_Browser_Protocol_Insecurity.pdf [2] http://steampowered.com [3] http://vimeo.com/51438866 --- ReVuln http://revuln.com http://twitter.com/revuln
