Sometimes, vulnerabilities can hang around for years and years without being discovered, and a remote code execution flaw found in Steam has reportedly been a gaping hole in the side of Valve’s gaming service for no less than a decade – although it has now been patched.

As Motherboard reports, Tom Court, a security expert at Context, believes that the exploit had been present in Steam for at least 10 years, and every user of the service could potentially have had this leveraged against them during that period.

However, as we mentioned, the good news is that the exploit has already been patched by Valve, and in fact this particular vulnerability was fixed back in March.

How serious was the problem? Worryingly, Court describes the bug as ‘simple’ and ‘straightforward to exploit’, and the vulnerability could potentially have allowed a malicious party to execute code on the target PC running Steam, subsequently letting them take control of the machine.

So, yeah. It was pretty serious, then.

Speedy response

On the positive side for Valve, this vulnerability was made harder to exploit last July when the firm implemented a new security measure: ASLR (address space layout randomization).

But it was still a potential hole until Court reported the problem to Valve, with the company also being quick to respond – he praised the firm for the fact that within eight hours of receiving his email, it had applied a fix to the beta version of the Steam client.

Court concludes that the code in which the vulnerability resided was likely very old, and the developers probably hadn’t been anywhere near it in a long time as a result.

The lesson? Software developers should take the time to review old chunks of code in the light of contemporary security standards, probing for issues such as this which may have been hanging around for ages.

Generally speaking, there are probably a host of these sorts of flaws scattered about the world of PC software, when you consider the sheer number of apps and services out there. The worry is that if developers or a friendly white hat security researcher don’t find them first, they could be actively exploited against an entire user base.

from TechRadar - Software news https://ift.tt/2Lahwh4