Front Office Football Central - View Single Post

mckerney · 10-16-2012, 02:36 PM

No, it is not only a problem for users on Safari. Safari is the most vulnerable because it is the only major browser that will run Steam:// links without asking the user, though a browser asking the user if they want to run something has never been a completely effective measure. The other issue is that even though other browsers won't automatically run the links by default users may have used a Steam:// link before and told their browser to automatically run them in the future.

The exploit will also work without prompting the user with a webkit, which means anyone using the Steam or the Steam in game browser will be vulnerable.

10-16-2012, 02:36 PM	#598
mckerney Coordinator Join Date: Oct 2000	No, it is not only a problem for users on Safari. Safari is the most vulnerable because it is the only major browser that will run Steam:// links without asking the user, though a browser asking the user if they want to run something has never been a completely effective measure. The other issue is that even though other browsers won't automatically run the links by default users may have used a Steam:// link before and told their browser to automatically run them in the future. The exploit will also work without prompting the user with a webkit, which means anyone using the Steam or the Steam in game browser will be vulnerable. Last edited by mckerney : 10-16-2012 at 02:40 PM.