Valve patches security hole that enabled takeovers of Steam accounts

Valve has patched a bug in its Steam system that let an attacker easily take over an arbitrary account using nothing but the account's username.

The hijacking exploit took advantage of a hole in Steam's password recovery feature, which sends a recovery code to the registered e-mail address associated with the account. That e-mailed code needs to be entered on a form through the Steam web site, but an attacker could simply skip that code entry step, leaving the recovery code area blank, and...

What feeling does this article give you?

#hashtags to follow:

Valve [+]   

More #news: