A Remote Code Execution Vulnerability in the Steam Client
https://youtu.be/0QaozC8S0Aw
Context Information Security
Published on May 30, 2018
This video demonstrates an attacker remotely launching the Windows calculator app on a fully patched version of Windows 10.
Read the full blog post on the corresponding bug which had existed in the Steam client for at least the last ten years, here: https://www.contextis.com/blog/frag-grenade-a-remote-code-execution-vulnerability-in-the-steam-client
STEAM has now patched this vulnerability.