News

Steam gamers: your Windows PC is prone to privilege escalation attacks

Steam, a popular video game platform is vulnerable to privilege escalation attacks. On Windows PCs, Steam creates installation directories with improper permissions.

This can let a user, an attacker, or worse, malware abuse Steam executables to escalate privileges.

This week, Will Dormann, a vulnerability analyst at CERT/CC tweeted “You probably shouldn’t make your install dir world-writable. Unexpected stuff could happen.”

In his tweet, Dormann was referring to how his vulnerability report on the issue was closed by Valve—the company behind Steam.

According to Dormann, the company cited that “file placement” attacks were out of scope and closed his vulnerability report without further action.

The analyst further advised in the same thread, “Don’t run games on systems you care about, folks.”

“My bug was marked duplicate of a bug that was closed a year and a half ago. I don’t get the impression that they’re fixing it.”

On digging deeper, it seems Steam has received similar reports before concerning privilege escalation vulnerabilities either via Windows registry attacks or through file permissions, that were all dismissed.

For example, an advisory for a five-year-old vulnerability, CVE-2015-7985, states that the weak default permissions on Steam installation folders grant Windows users in a group both read and write access.

This means an attacker or a malicious program can modify or replace steam.exe with an arbitrary malicious binary.

Since steam.exe typically launches itself automatically on start, if an administrator was to log onto a shared system, the malicious code (now disguised as steam.exe) would execute with full admin rights, which can wreak havoc on the system and the network it is present on.

Likewise, another user had tweeted last year how Steam’s VDF files could be abused to launch arbitrary executables and gain persistence.

It does not appear the company plans on fixing these trivially fixable, yet serious flaws anytime soon.

In the meantime, users should refrain from installing Steam on mission critical systems.

Security Report reached out to Valve for comment but we did not hear back.

Ax Sharma

Ax Sharma is a UK-based security researcher, journalist and TV subject matter expert experienced in malware analysis and cybercrime investigations. His areas of interest include open source software security and threat intel analysis. Frequently featured by leading media outlets like the BBC, Channel 5, Fortune, WIRED, The Register, among others, Ax is an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).

Recent Posts

8 Brutal Truths About Cybersecurity I Wish I Knew

When I first got into cybersecurity, I thought it was all about hackers in hoodies…

12 hours ago

US Air Force Probes Potential SharePoint-Linked Privacy Breach

The US Air Force is investigating a “privacy-related issue” that may have exposed personally identifiable…

2 days ago

Harrods third-party breach exposes 430,000 customer records, hackers reach out

London’s iconic department store Harrods has disclosed that approximately 430,000 customer records were compromised in…

4 days ago

WestJet confirms customer ID, passports stolen in June cyberattack

WestJet confirmed that in a June 2025 cybersecurity incident, a “sophisticated, criminal third party” gained…

4 days ago

Did You Also Get a ‘Real’ Phishing Email From GitHub.com?

Imagine getting an email straight from GitHub’s own notification system: the same one you've trusted…

7 days ago

World’s Largest Supply Chain Cyber Attack… And just 5 Cents Stolen?

You probably saw the headlines: the world’s largest npm supply chain attack, chalk and debug-js…

1 week ago

This website uses cookies.