![Metro conflict steam data](https://kumkoniak.com/25.jpg)
![metro conflict steam data metro conflict steam data](https://mmos.com/wp-content/gallery/metro-conflict/Metro-Conflict-Dying.jpg)
"Any software with vulnerabilities is interesting for attackers," John Opdenakker, an ethical hacker, says "gaming platforms with a large userbase are no different and might well be targeted by attackers."
![metro conflict steam data metro conflict steam data](https://img.youtube.com/vi/C_0uD-mmvVs/0.jpg)
Gamers are not at any more risk of being in the crosshairs of an attacker than any other group. “We understand hackers are passionate about their work and security and we have policies in place to handle their concerns, with the last resort being public disclosure after 180 days have elapsed without the security team setting a vulnerability disclosure deadline,” a HackerOne spokesperson says, continuing “we have now re-opened the issue and are in dialogue with the hacker in question to work through the frustration.” What can gamers do to mitigate the risk? This is only half the standard 90 days, and a quarter that advocated by HackerOne, that would be given to effect a fix before disclosure was made. Kravets then went on to disclose the vulnerability publicly as 45 days had now passed.
![metro conflict steam data metro conflict steam data](https://mmos.com/wp-content/gallery/metro-conflict/Metro-Conflict-Float.jpg)
This time for the same reason as before, but additionally as it also required physical access to the user's device. "A few weeks later it was again rejected," The Register stated. The Register reported that this was initially rejected by HackerOne as being out of scope because the attack required "the ability to drop files in arbitrary locations on the user's filesystem." Having persuaded HackerOne that the vulnerability was valid and serious, the disclosure report was then sent to Valve, the Steam parent company. Why has this not been fixed already?Īccording to Kravets in his disclosure, he reported the vulnerability via the HackerOne bug bounty system which Steam supports. Given that Steam has around 100 million active monthly gamers, that's one heck of a lot of people who could be at risk from this security vulnerability. 72% of all Steam gamers use the Windows 10 platform, according to the July 2019 figures from Steam itself. However, if you add all Windows versions together, it brings the total number of players up to 96%. Steam itself has approximately 100 million active users each month, out of a "membership" in excess of a billion. How many Windows gamers are at risk in total? However, because it was not dealt with quickly, and the proof of concept is now out there, it has escalated into a critical one in my never humble opinion. This started as a relatively moderate, in terms of risk, vulnerability.
![Metro conflict steam data](https://kumkoniak.com/25.jpg)