Fórum Outer Space - Brazil's largest gaming forum


[Watch out for the crap you install on your PC news] Well-known game DRM has a serious vulnerability reported, but the company doesn't give a fuck

blackjew (Mil pontos, LOL!)
Messages: 13,916 | Reactions: 7,350 | Points: 1,229
Basically, a guy found a vulnerability in the Steam client for Windows that allows privilege escalation without the user's knowledge.

Fine so far, no software is completely free of flaws. The problem is that the guy followed the process properly to report the bug and, besides running into a series of difficulties, in the end Volvo said f**k it. They didn't accept the bug, didn't fix anything, and on top of that wanted to forbid publication of the vulnerability.

Timeline

June 15 — reported via HackerOne.

June 16 — marked as "N/A", due to "Attacks that require the ability to drop files in arbitrary locations on the user's filesystem".

June 16 — reopened with my comments.

July 2 — vulnerability confirmed by HackerOne staff and submitted to the appropriate remediation team for review.

July 20 — marked as "N/A": "Attacks that require the ability to drop files in arbitrary locations on the user's filesystem" and "Attacks that require physical access to the user's device".

August 7 — public disclosure (this paper).

Bonus

The thing is that it was decided to expand the timeline because of a quite interesting event which occurred during the preparation of this article:

July 20 — after the report was rejected, I informed H1 that I would disclose the details of the vulnerability publicly after July 30.

August 2 — one more H1 employee appears in the thread and forbids the disclosure.

This article was ready for publication by July 30 (this date was chosen due to the 45-day deadline since the initial vulnerability report was sent). So, two weeks after my message, which was sent on July 20, a person appears who tells me that my report was marked as not applicable; they closed the discussion and wouldn't offer any explanation to me. Moreover, they didn't want me to disclose the vulnerability. At the same time, there was not even a single word from Valve. No, guys, that's not how it works. You didn't respect my work, and that's the reason why I won't respect yours — I see no reason why I shouldn't publish this report. Most likely I'll be banned at H1 because of it, but it won't make me upset.

UPD.

Yesterday (August 6, 2019) Steam was updated. No, the problem is not fixed. File versions: 5.27.59.20, signed on 06 Aug 2019.

navossoc (Supra-sumo)
Messages: 1,319 | Reactions: 788 | Points: 174
IObit Advanced SystemCare still uses the vulnerable CPU-Z driver to this day hahaha...

[]'s