Steam uses outdated Chromium browser


Steam uses Chromium, the open source version of Google’s Chrome browser. Specifically, Steam uses the penultimate stable version of the browser, number 47, which came out of the beta channel on December 1, 2015. The current stable version is number 48.

This could lead to potential vulnerabilities, Ghacks writes, especially since Steam doesn’t run Chromium in a sandbox, as shown by the --no-sandbox command-line flag. Running the browser in a sandbox provides better protection for users. The discovery that Chromium is outdated and does not run in sandbox mode was reported on Valve’s official GitHub page by GitHub user ekaris.
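A defender-side check for the two conditions reported above, as an added example that is not code from the article, Ghacks or Valve: it flags processes started with sandbox-disabling switches and embedded Chromium builds older than the stable version the article names. The process paths, user-agent strings and function names are constructed for illustration, command lines are assumed to be POSIX-style, and the switches other than --no-sandbox are further Chromium sandbox switches the article does not mention.

```python
import re
import shlex

# Chromium switches that turn sandboxing off, fully or partly.
SANDBOX_OFF = {"--no-sandbox", "--disable-setuid-sandbox",
               "--disable-seccomp-filter-sandbox", "--disable-gpu-sandbox"}
BASELINE_MAJOR = 48  # stable major version named in the article

# Constructed sample rows: (pid, command line, user agent of the embedded browser).
UA = ("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 "
      "(KHTML, like Gecko) Chrome/{}.0.0.0 Safari/537.36")
SAMPLE = [
    (101, "/opt/launcher/webhelper --type=renderer --no-sandbox --lang=en_US", UA.format(47)),
    (102, "/opt/browser/chrome --type=renderer --lang=en_US", UA.format(48)),
    # The flag text appears only inside another argument's value: not a finding.
    (103, '/opt/kiosk/shell --title="started with --no-sandbox" --type=gpu-process', UA.format(48)),
    # No Chromium token in the user agent: version unknown, but the flag still counts.
    (104, "/opt/tool/embedded --disable-gpu-sandbox --type=gpu-process", "CustomShell/1.0"),
]

def sandbox_flags(cmdline):
    """Return sandbox-disabling switches that appear as whole arguments."""
    tokens = shlex.split(cmdline)  # respects quoting, so substrings do not match
    return sorted(SANDBOX_OFF.intersection(tokens))

def chromium_major(user_agent):
    """Extract the Chromium major version from a user agent, or None."""
    match = re.search(r"\bChrom(?:e|ium)/(\d+)\.", user_agent)
    return int(match.group(1)) if match else None

def audit(rows, baseline=BASELINE_MAJOR):
    """List processes that run unsandboxed or embed a Chromium older than baseline."""
    findings = []
    for pid, cmdline, user_agent in rows:
        flags = sandbox_flags(cmdline)
        major = chromium_major(user_agent)
        outdated = major is not None and major < baseline
        if flags or outdated:
            findings.append({"pid": pid, "flags": flags,
                             "major": major, "outdated": outdated})
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```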

Valve is not alone in using the open source browser Chromium for its service. The browser is used by many companies to create their own browser implementation. The problem is that those browsers often don’t keep up with the most recent stable version of the browser. Recently, Google’s security team has started analyzing browsers based on Chromium and browser extensions.

Among other things, it found that antivirus company Avast was misusing the browser, allowing attackers to read all files on a system when users clicked on a particular link. Comodo’s “security, speed and privacy” browser, called Chromodo, also had many security problems.

Version 48 is the latest stable version of Chromium and has been available since January 20, 2016. The release fixed several bugs relative to version 47, including CVE-2016-1612, a bug in the Google V8 render engine, and CVE-2016-1613, a vulnerability in the PDF implementation PDFium. Version 49 of the browser is currently in beta and is expected to arrive in the stable channel the week of March 8. Version 50 is still in the dev channel and should not be expected in stable before the week of April 19.

Recently, an NSA chief told Wired that Steam is a favorite vector for breaking into devices that employees take to the office. Whether that’s because of the browser or because of games with faulty security, the story doesn’t say.
