We have just released a paper [1], in which we prove that the current
implementation of the Steam Browser Protocol handling mechanism is an
excellent attack vector to exploit local issues in a remote fashion.
Steam [2] is the biggest gaming related digital delivery platform with
an audience of more than 50 million people and supporting several
different platforms including Windows, Mac OS and Linux.
A demonstrating video [3] is available.
[1] http://revuln.com/files/ReVuln_Steam_Browser_Protocol_Insecurity.pdf
[2] http://steampowered.com
[3] http://vimeo.com/51438866