CNET también está disponible en español.

Ir a español

Don't show this again

Tesla earnings AOC plays Among Us iPhone 12 and 12 Pro review Netflix subscriber growth NASA Osiris-Rex Stimulus negotiation reckoning MagSafe accessories for the iPhone 12

Steam fixed a bug that reportedly left PCs vulnerable for over 10 years

Good thing it's gone -- it was apparently a nasty one.

Nate Ralph/CNET

"Remote code execution vulnerability" isn't a phrase you want to hear when talking about your PC. It means someone could hack into your computer and launch nefarious programs without even being in the room. But according to Contextis security researcher Tom Court (via Motherboard), Valve's popular Steam game launcher has featured a remote code execution vulnerability for over a decade now.

The good news: It's already fixed. 

The fix happened quickly, too: Court says he told Valve about the bug on Feb. 20, and the company pushed out an initial fix just 8 hours later. By March 22, the bug was completely eliminated, according to Court. 

The bad news: If it's as bad as Court says it was (and demonstrates in the video above), millions upon millions of PC gamers were vulnerable for a very long time. Steam has as many as 15 million active users at any given moment, and total users are estimated above 125 million.

Valve didn't immediately respond to a request for comment, but an April changelog for the Steam Client does thank Court by name.

Now playing: Watch this: The Steam Link app brings your games to the small screen