SK Hynix Considers U.S. ADR Listing to Boost Shareholder Value Amid Rising AI Chip Demand 
SpaceX Begins IPO Preparations as Wall Street Banks Line Up for Advisory Roles 
Apple App Store Injunction Largely Upheld as Appeals Court Rules on Epic Games Case 
TikTok U.S. Deal Advances as ByteDance Signs Binding Joint Venture Agreement 
Amazon in Talks to Invest $10 Billion in OpenAI as AI Firm Eyes $1 Trillion IPO Valuation 
Apple Explores India for iPhone Chip Assembly as Manufacturing Push Accelerates 
Oracle Stock Surges After Hours on TikTok Deal Optimism and OpenAI Fundraising Buzz 
iRobot Files for Chapter 11 Bankruptcy Amid Rising Competition and Tariff Pressures 
SoftBank Shares Slide as Oracle’s AI Spending Plans Fuel Market Jitters 
Australia’s Under-16 Social Media Ban Sparks Global Debate and Early Challenges 
Mizuho Raises Broadcom Price Target to $450 on Surging AI Chip Demand 
Republicans Raise National Security Concerns Over Intel’s Testing of China-Linked Chipmaking Tools 
Oracle Stock Slides After Blue Owl Exit Report, Company Says Michigan Data Center Talks Remain on Track 
Moore Threads Stock Slides After Risk Warning Despite 600% Surge Since IPO 
It was recently reported that a recent Steam update carried a security patch aimed at addressing a vulnerability that had been present for 10 years.
Valve’s digital distribution platform, Steam, received a client update last March 21 to which more fixes were added the following month. Users might have thought that this was a regular update like the previous ones that arrived. But security researcher Tom Court revealed in a blog that the said client update had more importance to it than most Steam customers initially thought.
Reports picked up Court’s blog where it was explained that a remote code execution vulnerability had been lurking around the Steam Client for at least the last 10 years, exposing over 125 million users to a cyber disaster waiting to happen. Luckily, Valve already came up with a fix and Steam customers have fewer things to worry about as long as they have the latest version of the Steam Client.
In fact, Valve gave Court a shoutout in the patch notes of the March 21 client update. The company said: “Fixed a crash when packets in a UDP connection were malformed in a particular way. Thanks to Tom Court from Context Information Security for reporting this issue.”
In Court’s blog post, he explained, “At its core, the vulnerability was a heap corruption within the Steam client library that could be remotely triggered, in an area of code that dealt with fragmented datagram reassembly from multiple received UDP packets."
The security researcher also uploaded a video to show how the vulnerability could have been exploited. Simply put, had the security flaw been found by attackers, they could easily take control of a target’s computer. In Court’s sample, he showed how the vulnerability allowed him to remotely control a computer’s calculator software.
Meanwhile, Valve maintains that they did not find any indication that the decade-old security issue was exploited before they rolled out the needed patch.
