Two researchers publicly disclosed a zero-day vulnerability that affects the popular Steam game client for Windows, 0ver 100 million users at risk.
Two security experts disclosed a privilege escalation vulnerability in the Stream client for Windows that can be exploited by an attacker with limited permissions to run code administrative privileges.
The issue could be exploited by vxers to develop malware that is able to perform multiple malicious activities.
The two experts decided to disclose the flaw because Valve did not acknowledge it. Not only the company refused to cover the issue under its bug bounty program but asked one of them to not disclose the flaw.
Full Article.