Gaming Reviews, News, Tips and More.
Discover
Editions
EspañolDeutschFrançais
More
Log In / Sign Up
Send us a Tip!Subscribe
Extra
About
AdvertisingPrivacyJobsTerms of Use
Explore our other sites
  • kotaku
  • quartz
  • theroot
  • theinventory
© 2025 G/O Media
We may earn a commission from links on this page

Security Company Finds Chink in Steam's Armour

By
Luke Plunkett
We may earn a commission from links on this page.

Of course, an online security company has a vested interest in pointing out security loopholes, but still, this makes for interesting reading.

Suggested Reading

Kotaku’s Weekend Guide: 5 Good Games We Can't Get Off Our Minds
Avowed Was Originally Pitched As Skyrim + Destiny
Yakuza Creator's New Action Game Could Be In Trouble
Live Forever in the Universe of 'New World: Aeternum'

Revuln has taken a look at how Steam runs and has found a tiny security loophole in the way the Steam browser protocol uses a URL handler to perform basic tasks like installing and executing games.

Suggested Reading

Kotaku’s Weekend Guide: 5 Good Games We Can't Get Off Our Minds
Avowed Was Originally Pitched As Skyrim + Destiny
Yakuza Creator's New Action Game Could Be In Trouble
Live Forever in the Universe of 'New World: Aeternum'

Seems Apple's Safari can run these commands without the user knowing, meaning attackers could potentially use the browser as a means of sliding in and compromising all kinds of games.

Advertisement

Related Content

Marvel Rivals Hit With Layoffs, MrBeast Says Life Is 'Easier When You're Broke,' And More Of The Week's Top News
Marvel Rivals Says Popular Third-Party PC Plugin Is 'Cheating Software' And Bans It

Related Content

Marvel Rivals Hit With Layoffs, MrBeast Says Life Is 'Easier When You're Broke,' And More Of The Week's Top News
Marvel Rivals Says Popular Third-Party PC Plugin Is 'Cheating Software' And Bans It

I know, Safari, but a hole is a hole, and the way Revuln found it and detail it is pretty good reading.

STEAM BROWSER PROTOCOL INSECURITY [Revuln, via PC Gamer]