We might as well be singing "Careful with that hax, Eugene," until this blows over

Apr 8, 2014 11:38 GMT  ·  By

It is recommended not to use any Steam services until Valve issues a fix for the recently discovered Heartbleed vulnerability, a bug in the popular OpenSSL cryptographic software library that two thirds of the Internet is using.

SteamDB warned the gaming community via Twitter to not use any Steam services, at least not until Valve issues a fix for a recently discovered vulnerability, pointing out that the vulnerability is especially dangerous for Steam partners.

The mysterious warning then revealed that the issue at hand is the Heartbleed Bug, a vulnerability that is dangerous to everyone, but especially dangerous to developers, because they deal with more sensitive content than regular users.

The recently discovered security weakness allows evildoers to steal the information that is normally protected by the SSL/TLS encryption used to secure communication over the Internet.

SSL (secure sockets layer) and TLS (transport layer security) provide security and privacy for all communication taking place over the Internet, for applications such as web, email, instant messaging and even some virtual private networks, and the Heartbleed bug allows anyone to read the memory of the systems protected by the versions of the OpenSSL software which contain the vulnerability.

The bad news is that as long as the vulnerable version of OpenSSL is in use, it can be abused without leaving a trace, and service providers have to install the appropriate fix as quickly as it becomes available in order to prevent further damage.