Hoss
Chieftain
- Joined
- Jan 7, 2005
- Messages
- 41
Another one reported
https://www.bleepingcomputer.com/ne...o-day-impacts-over-96-million-windows-users/1
Second Steam Zero-Day Impacts Over 96 Million Windows Users
"The privilege escalation (also known as an elevation of privilege or local privilege escalation) security flaw disclosed today by Kravets can allow attackers with limited rights to use a technique known as BaitAndSwitch to run executables using the Steam Client Service's NT AUTHORITY\SYSTEM elevated permissions.
This would allow potential attackers to launch a three-stage attack, getting remote code execution privileges by exploiting a vulnerability in a Steam game, a Windows app, or the OS itself, subsequently elevating privileges on the compromised device and running a malicious payload using SYSTEM permissions."
https://www.bleepingcomputer.com/ne...o-day-impacts-over-96-million-windows-users/1
Second Steam Zero-Day Impacts Over 96 Million Windows Users
"The privilege escalation (also known as an elevation of privilege or local privilege escalation) security flaw disclosed today by Kravets can allow attackers with limited rights to use a technique known as BaitAndSwitch to run executables using the Steam Client Service's NT AUTHORITY\SYSTEM elevated permissions.
This would allow potential attackers to launch a three-stage attack, getting remote code execution privileges by exploiting a vulnerability in a Steam game, a Windows app, or the OS itself, subsequently elevating privileges on the compromised device and running a malicious payload using SYSTEM permissions."
