Steam, the online gaming platform for computers, has a variety of safeguards in place to help prevent players from unintentionally accessing suspicious links and unrelated websites. However, exploits can arise at any time, and it seems that one potentially severe exploit that went ignored for two years has finally been addressed.
Recently, a white-hat hacker group reported that it had discovered a problem within Steam’s code over two years ago that had gone ignored by Valve up to that point. The Steam exploit was reported to have been able to give nefarious users control over a player’s computer, allowing them to potentially access sensitive information like billing info and passwords.
The group, Secret Club, publicly revealed the information last week, noting that despite contacting Valve about the issue previously, the problem was still unresolved. To make matters worse, Secret Club claimed that Valve was purposefully hiding the issue, and wouldn’t allow them to publicly disclose the details of the exploit. In the meantime, players’ accounts have been at risk, as the exploit could be utilized via Steam player invites or even community servers, which games like Team Fortress 2 and Left 4 Dead 2 heavily rely upon.
It appears that the public pressure and awareness of the exploit forced Valve’s hand, as the developer has now officially addressed and repaired the issue. @floesen_, a member of Secret Club who originally reported the issue, announced that the exploit has been fixed and that Valve has given them the go-ahead to detail what exactly the exploit entailed in the future technical write-up.
While this is great news for Steam users, unfortunately, some issues still remain. The Secret Club has also previously reported on exploits that could be used for nefarious purposes specific to both Team Fortress 2 and CS: GO, which at the time of this writing, have not yet been fixed. With the recent action from Valve, however, there’s a good chance that fixes for these issues will also be issued in the near future. While Team Fortress 2 has been overrun by bots for quite some time now and has been largely overlooked by Valve in favor of continued support and releases of some of its other game franchises, the large player bases and continual microtransactions made through these games will likely see a big hit if the developer doesn’t take steps to fix them soon.
Steam’s competition has yet to make a massive impact on the storefront, with Epic Games Store reporting major losses over the last two years. However, if exploits like these go unaddressed in the future, it may give PC gamers pause over which company they choose to buy and play games through. It’s in Steam’s and players’ best interests to address these issues as soon as they’re brought to its attention going forward.