All Discussions > Steam Forums > Help and Tips > Topic Details
Uz1 Aug 22, 2023 @ 3:44am
Can steam overlay's web browser infect your pc with viruses from malicious websites ?
Yesterday I was using reddit using steam overlay's web browser and I stumbled upon something that appeared to be a video cause it had that play button and a blurry background image. It had an interesting title ( i'm not gonna get into details ) so i clicked it then it lead me to another website, I instantly knew it wasn't what i was waiting for so i closed it immediately. I was abit confused so i went ahead and checked the comments and to my surprise people said it's a fake video that leads to a malicious website which can infect your computer via an exploit called '' drive-by-download''. so the reason i started this discussion is to ask you if steam can transport viruses directly into my pc if there was any virus at all ( cause I closed the website very fast ) as I haven't noticed any strange activity on my accounts or anything else to this moment and even my anti virus hasn't detected anything. i'm still a little concerned though is there anything else i can do to make sure that my pc is all fine ?
Thank you
The author of this topic has marked a post as the answer to their question.
Click here to jump to that post.
Originally posted by wuddih:
the standard attack vector of a drive-by-download still requires the victim to execute the downloaded file willingly.
using Steam itself. downloads are generally omitted in Steams implementation of CEF and not even possible to be executed by the user.

in that regard Steam is safe to use. the story changes if a normal webbrowser is used to do the same things.

in other regards, Steams CEF implementation should already have been updated years ago. not just next year.

the pit point is:
do no use Steams embedded browser for anything else than Steam. then you are mostly safe.
< >
Showing 1-3 of 3 comments
Lithurge Aug 22, 2023 @ 3:57am 
It's a web browser, it's based on Chromium so in theory yes it can potentially be a vector, but it's unlikely. These things generally rely on out of date software that hasn't been patched to block exploits.

Run your antivirus to be safe. If you don't have one you can use housecall from trend micro for free.
#1
The author of this thread has indicated that this post answers the original topic.
wuddih Aug 22, 2023 @ 4:10am 
the standard attack vector of a drive-by-download still requires the victim to execute the downloaded file willingly.
using Steam itself. downloads are generally omitted in Steams implementation of CEF and not even possible to be executed by the user.

in that regard Steam is safe to use. the story changes if a normal webbrowser is used to do the same things.

in other regards, Steams CEF implementation should already have been updated years ago. not just next year.

the pit point is:
do no use Steams embedded browser for anything else than Steam. then you are mostly safe.
Last edited by wuddih; Aug 22, 2023 @ 4:11am
#2
Uz1 Aug 22, 2023 @ 4:37am 
Originally posted by wuddih:
the standard attack vector of a drive-by-download still requires the victim to execute the downloaded file willingly.
using Steam itself. downloads are generally omitted in Steams implementation of CEF and not even possible to be executed by the user.

in that regard Steam is safe to use. the story changes if a normal webbrowser is used to do the same things.

in other regards, Steams CEF implementation should already have been updated years ago. not just next year.

the pit point is:
do no use Steams embedded browser for anything else than Steam. then you are mostly safe.
Thank you my friend i'm so relieved
#3
< >
Showing 1-3 of 3 comments
Per page: 1530 50

All Discussions > Steam Forums > Help and Tips > Topic Details
Date Posted: Aug 22, 2023 @ 3:44am
Posts: 3
Start a New Discussion

Discussions Rules and Guidelines