The security researcher who recently disclosed a zero-day privilege escalation flaw in Steam because the developer had dismissed the issue, has now released a second flaw of the same type in the highly popular video game distribution platform by Valve.
After the researcher publicly disclosed the first flaw, Valve banned him from their bug bounty program, prompting him to make the second zero-day public as well. The vulnerability, which the researcher says is easy to exploit, puts tens of millions of Steam users at risk.
Read more: Researcher Discloses Second Steam Zero-Day After Valve Bug Bounty Ban