Skip to main content

Steam community site suffers profile vulnerability but Valve makes quick fix

steam community site suffers profile vulnerability steamdev
Image used with permission by copyright holder
If you’re any kind of PC gamer, then you likely frequent Valve’s Steam service to procure at least some of your games. And if you’re a Steam customer, then you likely spend some time on Steam’s community site — and until just recently, that might not have been the safest place to be.

It appears that the Steam community site suffered from an exploit involving user profiles that could redirect users to alternate pages and download PHP code, Ars Technica reports. Valve was able to fix the exploit soon after it was announced, but not before a number of people had created profiles that exploited the vulnerability.

Recommended Videos

The exploit was first identified on the Steam subreddit, described as such:

“Currently, there is a risk (i.e. phishing, malicious script execution, etc.) involved when viewing or simply opening PROFILE pages of other steam users as well as your OWN activity feed (both desktop and mobile versions on all browsers including steam browser/chromium). I would advise against viewing suspicious profiles until further notice and disable JavaScript in your browser options. Do NOT click suspicious (real) steam profile links and Disable JavaScript on Browser. Appropriate information has been forward to Valve and this issue should be resolved soon, sorry for any inconvenience.”

Since that post was first created, Valve was able to fix the exploit and was able to classify Steam profiles and activity feeds as safe to visit. The exploit was subsequently explained in full in a follow-up Reddit post. Steam has more than 125 million users and any exploit on the Steam community site could have serious repercussions.

Apparently, the chances of long-term problems caused by the vulnerability were slim, but nevertheless, anyone who might have suffered from the exploit while it was live is recommended to turn on two-factor authentication, keep up with Valve’s official channels for more information, and, of course, change their Steam password.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
Steam Deck 2? This leak suggests Valve is working on new hardware
Steam Deck sitting on a pink background.

An exciting piece of gossip just dropped, and it might have something to do with the Steam Deck -- or it could be something else entirely. We're talking about a mysterious new device made by Valve that has just received radio certification from the South Korea National Radio Research Agency. Code-named "RC-V1V-1030," the product is referred to as a "low-power wireless device." What's Valve up to now?

The problem is that it could be nearly anything. Aside from a Steam Deck 2, or perhaps even just a refresh to the existing console, Valve has expressed interest in making a new virtual reality (VR) gaming headset to follow up on the Valve Index. Even an updated Steam Controller fits the description. The only thing to be learned from the certification is that the device uses 5GHz Wi-Fi, which could apply to all three of those potential products.

Read more
Valve is testing a new Big Picture Mode for Steam. Here’s how to try it
A picture of the Steam Deck

Valve has announced that it is running a beta test for an updated version of Big Picture Mode for the desktop version of Steam. According to a blog post published on Thursday, the proprietary UI is being updated to make the desktop interface look like the Steam Deck.

The updated version of Big Picture Mode comes with a host of new features, including a new home screen that lets you continue playing recent games and check for updates of any games in your library with a new universal search that nets results from your library, your friends list, and the store. It also brings updates to quick access, controller configuration, and system menus.

Read more
Valve is planning for a ‘next generation’ of Steam Deck with streaming in mind
The Steam Deck laying on a laptop.

Valve seems to be going all-in on the console market with the Steam Deck. One of Valve's designers confirmed the company is planning to develop next-gen iterations of the handheld PC, with streaming in mind.

As reported by VGC, several Valve developers spoke in an interview with Famitsu Weekly about players in Asia finally getting the ability to reserve a Steam Deck of their own. When asked about where the Steam Deck will go next, designer Greg Coomer gave a response confirming that Valve is interested in iterating on its system.

Read more