Gamers beware! Ars Technica:
A security flaw in Steam’s client service allows easy execution of arbitrary code as LOCALSYSTEM.
Earlier today, disgruntled security researcher Vasily Kravets released a zero-day vulnerability in the Windows version of the ubiquitous gaming service Steam.
Source: Severe local 0-Day escalation exploit found in Steam Client Services