Hmm, I wonder if it's connected to the "they disabled my Steam Guard and stole my Steam account" issue. Over the last year I've heard about two different people who had this happen to them.
Comment has been collapsed.
It's very likely that it has never been abused in wild.
They would still need to capture your connection to Steam first (eg. hacking your ISP, modem, etc.) to able to abuse this.
If they already can listen on your connection, being able to crash Steam isn't your biggest problem.
Simply UDP spoofing might be possible depending on ISP but:
"In order for an attacker’s UDP packets to be accepted by the client, they must observe an outbound (client->server) datagram being sent in order to learn the client/server IDs of the connection along with the sequence number."
If your connection is secure, they can do nothing. If your connection isn't secure, you're already fucked up in other ways.
Comment has been collapsed.
And that's why you never setup a program to "Launch as an Administrator" if that program doesn't have a valid reason to do so.
I cringe every time someone suggests to do that when some software or game doesn't launch otherwise. If this ever went live, and people had Steam set up to "launch as an administrator" because X or Y game didn't work otherwise, an attacker could possibly have done anything they wanted on the remote machine. Anything.
Comment has been collapsed.
16,656 Comments - Last post 3 seconds ago by Rosayde
5 Comments - Last post 32 minutes ago by kasiq
10 Comments - Last post 35 minutes ago by MagnificentOne
222 Comments - Last post 47 minutes ago by DeliberateTaco
2,364 Comments - Last post 3 hours ago by FranckCastle
172 Comments - Last post 3 hours ago by BSkorpion
8,636 Comments - Last post 3 hours ago by tommiwa
166 Comments - Last post 31 seconds ago by Jastrzap
2,892 Comments - Last post 2 minutes ago by na1
75 Comments - Last post 8 minutes ago by funnyduck99
12 Comments - Last post 19 minutes ago by 9389998
764 Comments - Last post 22 minutes ago by Wintermute101
151 Comments - Last post 22 minutes ago by Waciach
42 Comments - Last post 35 minutes ago by ShroudOfLethe
that was there for 10+ years! :
http://www.guru3d.com/news-story/valve-patched-massive-vulnerability-in-steam-(that-was-there-for-10-years).html
P.S : The most terrifying launch of a calculator app ever seen.
Comment has been collapsed.