A vulnerability in Valve’s Source SDK, a library used by game vendors to support custom mods and other features, allows a malicious actor to execute code on a user’s computer, and optionally install malware, such as ransomware, cryptocurrency miners, banking trojans, and others. The issue came to light today when security researcher Justin Taft of One Up Security published a report detailing his findings. The vulnerability is a simple buffer overflow in the Source SDK. The buffer overflow can be exploited by an attacker to append a piece of malicious code and execute it on a targeted machine.
View Full Story
ORIGINAL SOURCE: Bleeping Computer