The popular Steam game client for Windows has a zero-day privilege escalation vulnerability that can allow an attacker with limited permissions to run a program as an administrator. Two researchers publicly disclosed a vulnerability for the Steam client after Valve determined that the flaw was “Not Applicable”” When the vulnerability was submitted to Valve’s bug bounty program on HackerOne
Source: security