INSUBCONTINENT EXCLUSIVE:
Sometimes, vulnerabilities can hang around for years and years without being discovered, and a remote code execution flaw found in Steam has
Motherboard reports, Tom Court, a security expert at Context, believes that the exploit had been present in Steam for at least 10 years, and
every user of the service could potentially have had this leveraged against them during that period.However, as we mentioned, the good news
is that the exploit has already been patched by Valve, and in fact this particular vulnerability was fixed back in March.How serious was the
allowed a malicious party to execute code on the target PC running Steam, subsequently letting them take control of the machine.So, yeah
It was pretty serious, then.Speedy responseOn the positive side for Valve, this vulnerability was made harder to exploit last July when the
firm implemented a new security measure: ASLR (address space layout randomization).But it was still a potential hole until Court reported
his email, it had applied a fixed to the beta version of the Steam client.Court concludes that the code in which the vulnerability resided
should take the time to review old chunks of code in the light of contemporary security standards, probing for issues such as this which may
have been hanging around for ages.Generally speaking, there are probably a host of these sort of flaws scattered about the world of PC
software, when you consider the sheer amount of apps and services out there
