Tuesday February 07, 2017

Valve Patches Major Steam Exploit You Didn't Know About

You do have two-step verification and other security features beyond a basic password for your Steam account, right? If you don’t, here is another case of why you should. Apparently, Valve kept this exploit a secretآ—I imagine that the whining already happened, but at least the company patched it within a few hours. This one involved an XSS exploit, so if you have been browsing Steam in any way, you may want to keep vigilant.

News Image

According to the mod in question, this was triggered just by viewing a dodgy profile page, or your own activity feed, but both these areas have now been patched up and fixed. However, if you’ve been clicking around Steam profiles earlier today, or the activity feed, that could obviously be a worry. There’s no sure way to tell if you have been affected at this point, unfortunately, save for آ– obviously enough آ– odd things happening to your Steam account. Fingers crossed that isn’t the case. As mentioned, this isn’t the first time we’ve witnessed an exploit hitting the Steam site, or indeed serious privacy woes like the time just over a year ago when people’s account details (including credit card data) became visible to some other users (rather than their own information).