Valve has released a patch for Steam Windows client, but it is not enough

As was earlier reported, Valve has released a patch that removes the Steam Privilege Elevation Vulnerability (LPE) vulnerability for Windows systems.

[dropcap]N[/dropcap]evertheless, experts in the field of cybersecurity believe that the problems are still relevant for this software.

Matt Nelson

Matt Nelson

Initially, Valve did not want to release updates to eliminate this gap, and told this experts who discovered it – Vasily Kravets and Matt Nelson. But then a wave of indignation rose among company’s users and management had to change its mind and to release a patch.

“To fix this, in the Steam Client Beta Valve made it so that the Steam service would check the subkeys of the HKLM\Software\Wow6432Node\Valve\Steam\Apps Registry key using the RegQueryValueExA function“, — comments Steam to Bleepingcomputer.

However, Mitja Kolsek, co-founder of 0Patch and security researcher, said that the released update is not enough to completely eliminate a vulnerability that could lead to an increase in system rights.

Mitja Kolsek

Mitja Kolsek

According to Kolsek, Valve fixed one of the vulnerabilities, but the problem is that the Steam Client Service has a number of similar security holes that experts have been warning about for a long time.

Read also: 0-day vulnerability affects more than 100 million users

Attackers can use these flaws to escalate the privileges of their malware on the system. Mitya Kolsek specified that an attacker could exploit current vulnerabilities using a method known as “DLL hijacking” (interception of a DLL).

“A loophole for cybercriminals exists because the USERS group has full access to the Steam installation folder – C: \ Program Files (x86) \ Steam. This means that an attacker can simply replace the DLLs in this directory with malicious copies“, – said Mitja Kolsek.

[box]Recall last week that it was reported that the Windows client of Steam, a popular platform for digital distribution of video games, contains a zero-day vulnerability that could lead to an increase in the system privileges. As a result, an attacker can run programs as administrator.[/box]

About the author

Sophia Zimmerman

High-quality tech & computer security copywriter, SEO editor & online marketing consultant

Leave a Comment