Wednesday, August 17, 2022
  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
No Result
View All Result
Home Gaming

HackerOne Rejects Steam Bug Report By Security Researchers; Valve Says This Was A Mistake

by Ian Chee
August 23, 2019
Steam Valve
41
SHARES
Share on FacebookShare on Twitter

Valve has recently courted controversy among those in the white-hat hacker circle. The company, via cybersecurity firm HackerOne, rejected a bug report by an independent security researcher. Said researcher was not only banned from reporting more bugs, but also found a second one of the same nature.

Security researcher Vasily Kravets first reported on a vulnerability on Steam that allowed existing malware in a Windows PC to gain admin access via the Steam app. Kravets then reported to HackerOne, only to be told that the vulnerability was out of scope. He then disclosed the vulnerability publicly earlier this month. This got him banned form reporting more bugs to Valve via HackerOne.

Valve issued a patch after the public disclosure, but another security researcher, Xiaoyin Liu said that it’s possible to bypass the fix. Kravets has also since found another vulnerability, which also gives existing malware admin rights.

ADVERTISEMENT

A third security researcher, Matt Nelson, also found one of the bugs discovered by Kravets. He, too, made a report to HackerOne, only to get the same response as Kravets did. Nelson then reported his discovery directly to Valve. The company acknowledged the report but told Nelson that he “shouldn’t expect any further communication”.

Valve claims to have since fixed both vulnerabilities, and updated its HackerOne program rules to state that bugs of such nature are within scope. The company chalked up the previous rejection of the bug report as a misinterpretation of of the bug bounty rules. All that said, it appears that Kravets’ ban from reporting more bugs has not yet been reversed.

(Source: Vasily Kravets via Ars Technica, TNW)

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

Tags: Malwaresteamvalve
Back to top
Share16Tweet10SendShare

ADVERTISEMENT

RELATED ARTICLES

Capcom Resident Evil Games Humble Bundle price
Deals

Humble Bundle Is Offering Ten Resident Evil Games For Just US$ 35

by Heirul Kamel
August 15, 2022
Steam Valve Epic Games Store NFT cryptocurrency blockchain
Gaming

Steam Allows Adding Free Games To Library Without Downloading

by Ian Chee
August 14, 2022
Nintendo Switch OLED Model screen protector Joy-Con
Gaming

Nintendo’s Joy-Cons To Be Fully Supported On Steam Via Future Update

by Heirul Kamel
August 6, 2022
Kominfo unblock
Internet

Indonesia Unbans Steam Following Regulation Compliance

by Ian Chee
August 3, 2022
Load More
No Result
View All Result

TRENDING TODAY

  1. 1
    Apps

    WhatsApp Is Giving You Two Whole Days To Delete Messages

  2. 2
    Telco

    Maxis And U Mobile Reportedly The Only Holdouts From DNB 5G Network

  3. 3
    Fintech

    Touch ‘n Go RFID Fuelling Finally Goes Official: Now Available At 88 Shell Stations

  4. 4
    Gaming

    HackerOne Rejects Steam Bug Report By Security Researchers; Valve Says This Was A Mistake

  5. 5
    Mobile Phones

    vivo Y35 Now Available In Malaysia For RM 1,099

Consumer Tech News & Reviews Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Contact Us
  • Editorial Policy
  • Terms & Conditions

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

We use cookies to improve your experience. Learn More.