>arstechnica.com/gaming/2019/08/severe-local-0-day-escalation-exploit-found-in-steam-client-services/ >The vulnerability lies within Steam Client Service. The service may be started or stopped by unprivileged users. This becomes a problem because, when run,Steam Client Service automatically sets permissions on a range of registry keys. If a mischievous—or outright malicious—user were to symlink one of these keys to that belonging to another service, it becomes possible for arbitrary users to start or stop that service as well. This becomes even more problematic when you realize that it's possible to pass arguments to services that run under extremely privileged accounts—such as msiserver, the Windows Installer service.
Steam drones will defend this. Where's your "MUH EGS IS CHINK SPYWARE" now?
+10 credits have been added to your CCP social score Viva xi jin ping
Nathaniel Diaz
why is it always the hacker known as russian?
Cooper Morgan
>Deal with it drones. Steam is going to die in a year or two. That'll still be faster than Epic when it comes to adding features Steam has had for years.
