Hmm, I wonder if it's connected to the "they disabled my Steam Guard and stole my Steam account" issue. Over the last year I've heard about two different people who had this happen to them.
Comment has been collapsed.
It's very likely that it has never been abused in wild.
They would still need to capture your connection to Steam first (eg. hacking your ISP, modem, etc.) to able to abuse this.
If they already can listen on your connection, being able to crash Steam isn't your biggest problem.
Simply UDP spoofing might be possible depending on ISP but:
"In order for an attacker’s UDP packets to be accepted by the client, they must observe an outbound (client->server) datagram being sent in order to learn the client/server IDs of the connection along with the sequence number."
If your connection is secure, they can do nothing. If your connection isn't secure, you're already fucked up in other ways.
Comment has been collapsed.
And that's why you never setup a program to "Launch as an Administrator" if that program doesn't have a valid reason to do so.
I cringe every time someone suggests to do that when some software or game doesn't launch otherwise. If this ever went live, and people had Steam set up to "launch as an administrator" because X or Y game didn't work otherwise, an attacker could possibly have done anything they wanted on the remote machine. Anything.
Comment has been collapsed.
167 Comments - Last post 33 minutes ago by cartcollector
17 Comments - Last post 1 hour ago by FluffyKittenChan
79 Comments - Last post 2 hours ago by thenevernow
11 Comments - Last post 4 hours ago by PElvisTek
47,233 Comments - Last post 7 hours ago by FranckCastle
33 Comments - Last post 7 hours ago by C4pM
313 Comments - Last post 8 hours ago by crussor
36 Comments - Last post 53 seconds ago by m0r1arty
58 Comments - Last post 22 minutes ago by akaSM
36 Comments - Last post 29 minutes ago by VahidSlayerOfAll
166 Comments - Last post 41 minutes ago by RosimInc
9,777 Comments - Last post 1 hour ago by LinustheBold
844 Comments - Last post 1 hour ago by Deyalleft
29,110 Comments - Last post 1 hour ago by FranckCastle
that was there for 10+ years! :
http://www.guru3d.com/news-story/valve-patched-massive-vulnerability-in-steam-(that-was-there-for-10-years).html
P.S : The most terrifying launch of a calculator app ever seen.
Comment has been collapsed.