Jump to content

Exploit Protection for Steam

exile360

By exile360
in Malwarebytes for Windows

 Share

Recommended Posts

exile360

exile360

Posted
Posted

Now that Steam on Windows (and OSX) uses the Chromium Embedded Framework, I'd like to see Steam added to the list of default shielded applications for Exploit Protection in Malwarebytes for Windows.  I don't believe it is currently shielded at all since Steam uses a very customized/embedded build of Chromium for rendering web content (the Steam client software has a web browser built into it with full browsing/rendering capabilities).  I assume that the embedded Chromium being used in Steam can be exploited/attacked just like any other build of the Chromium browser and I even discovered an executable called html5app_steam.exe so I assume this means it even supports HTML5 video/content rendering.

Link to post
Share on other sites
Ssherjj

Ssherjj

Posted
Posted
23 hours ago, exile360 said:

Now that Steam on Windows (and OSX) uses the Chromium Embedded Framework, I'd like to see Steam added to the list of default shielded applications for Exploit Protection in Malwarebytes for Windows.  I don't believe it is currently shielded at all since Steam uses a very customized/embedded build of Chromium for rendering web content (the Steam client software has a web browser built into it with full browsing/rendering capabilities).  I assume that the embedded Chromium being used in Steam can be exploited/attacked just like any other build of the Chromium browser and I even discovered an executable called html5app_steam.exe so I assume this means it even supports HTML5 video/content rendering.

Thank you @exile360for bringing this up. I wasn't aware that Steam used Chromium Embedded Framework. I really never thought of it before honestly. I've always thought that Steam could be exploited/attacked though but did not understand mechanics of it all until you explained it all.

I would urgently like to see Steam added to the list of default of shielded applications for Exploit Protection in Malwarebytes as well...

Link to post
Share on other sites
exile360

exile360

Posted
  • Author
Posted

Whenever Steam is running you should see multiple instances of steamwebhelper.exe in memory, similar to how Chrome has multiple 'chrome.exe' processes whenever the browser is running.  The file is located in the same folder as Steam's other executables, however the path is not required for the sake of adding a custom shield, only the exact process name/filename is needed.

Link to post
Share on other sites
  • 3 weeks later...
Living_Computer

Living_Computer

Posted
Posted

I think this applies to subprocesses too, right?

 

In that case this is really dangerous if you are playing a VAC protected game.

VAC could misinterpret this.

On Steams old dead forums people using EMET has gotten VAC bans, but that was years ago.

 

Just saying.

Link to post
Share on other sites
exile360

exile360

Posted
  • Author
Posted

The steamwebhelper process I mentioned shouldn't be a parent process of any games launched via Steam as that process is specifically just for the browser rendered content within the Steam UI itself.  It isn't used for launching any games or anything like that as far as I know so even injecting into that process shouldn't impact any DRM/copy protection on any games launched through Steam, at least as I understand it.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.