• Hype
  • Murai
  • Lipstiq
  • Varnam
  • Hangat
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Mobile Gaming
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
  • More
    • Artificial Intelligence
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
    • Contact Us
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Mobile Gaming
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
  • More
    • Artificial Intelligence
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
    • Contact Us
No Result
View All Result
Lowyat.NET
No Result
View All Result

HackerOne Rejects Steam Bug Report By Security Researchers; Valve Says This Was A Mistake

by Ian Chee
August 23, 2019
Steam Valve
Share on WhatsappShare on TelegramThreads

Valve has recently courted controversy among those in the white-hat hacker circle. The company, via cybersecurity firm HackerOne, rejected a bug report by an independent security researcher. Said researcher was not only banned from reporting more bugs, but also found a second one of the same nature.

Security researcher Vasily Kravets first reported on a vulnerability on Steam that allowed existing malware in a Windows PC to gain admin access via the Steam app. Kravets then reported to HackerOne, only to be told that the vulnerability was out of scope. He then disclosed the vulnerability publicly earlier this month. This got him banned form reporting more bugs to Valve via HackerOne.

Valve issued a patch after the public disclosure, but another security researcher, Xiaoyin Liu said that it’s possible to bypass the fix. Kravets has also since found another vulnerability, which also gives existing malware admin rights.

7eb76e35 steam logo

A third security researcher, Matt Nelson, also found one of the bugs discovered by Kravets. He, too, made a report to HackerOne, only to get the same response as Kravets did. Nelson then reported his discovery directly to Valve. The company acknowledged the report but told Nelson that he “shouldn’t expect any further communication”.

Valve claims to have since fixed both vulnerabilities, and updated its HackerOne program rules to state that bugs of such nature are within scope. The company chalked up the previous rejection of the bug report as a misinterpretation of of the bug bounty rules. All that said, it appears that Kravets’ ban from reporting more bugs has not yet been reversed.

Related Article Valve Significantly Hikes Steam Deck OLED Prices In The US

(Source: Vasily Kravets via Ars Technica, TNW)

Filed Under Malwaresteamvalve
Updated 6:48 pm, Fri, 23 August 19
SendShareShareShare2Tweet1

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

No Result
View All Result

TRENDING THIS WEEK

  1. 1
    Fintech

    BNM To Phase Out Proprietary QR Payment Networks In Malaysia By 2028

  2. 2
    Speakers

    Xiaomi Desktop Speaker Pro Set Now Available In Malaysia

  3. 3
    Automotive

    MOF Officially Approves Budi Diesel Monthly Quota Increase To 300 Litres

  4. 4
    Mobile Phones

    Nothing Phone (4b) Now Official With 5,200mAh Battery, Vapour Chamber

  5. 5
    Gaming

    M4G Is Officially Bringing The Steam Machine Into Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Varnam
  • Hangat
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Editorial Policy
  • Terms of Use
  • Contact Us

©2026 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
  • Forums
  • Laptops
  • Telco
  • Mobile
  • Gaming
  • Artificial Intelligence
  • Fintech
  • Cryptocurrency
  • Cyber Security
  • Hybrid Vehicles
  • Advertise with Us

©2026 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
  • Forums
  • Laptops
  • Telco
  • Mobile
  • Gaming
  • Artificial Intelligence
  • Fintech
  • Cryptocurrency
  • Cyber Security
  • Hybrid Vehicles
  • Advertise with Us

©2026 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.