https://wccftech.com/bug-125-million-steam-users-vulnerable/

Valve’s popular video game platform Steam had a remote code execution (RCE) vulnerability that went unfixed for years, leaving millions of users vulnerable. Tom Court, a security researcher at Contextis, revealed the details of the bug that reportedly left all Steam users vulnerable for the past decade. The good news is that the bug has now been fixed by Valve.

“The keen-eyed, security conscious PC gamers amongst you may have noticed that Valve released a new update to the Steam client in recent weeks,” Court wrote, adding that the update was to deliver the bug fix. “This bug could have been used as the basis for a highly reliable exploit,” he said. “This was a very simple bug, made relatively straightforward to exploit due to a lack of modern exploit protections.”