Valve Patches Security Bug That Existed in Steam Client for the Past Ten Years May 31, 2018 https://www.bleepingcomputer.com/ne...isted-in-steam-client-for-the-past-ten-years/
Steam, its crappy service adds exception to Windows Firewall inbound connection list without any dialog or choice about it. They will not give that choice after that flaw too, I guess.
Rofl. Oh wow an app added a firewall exception the sky is falling, nothing ever does that! What a rubbish app!
There should be an option in the Steam preferences to disable that. All the features I am interested in works well without that inbound rule. I can remove that exception manually, but Steam is seeking changes in firewall exceptions and adds that again! Without my permission, consent or even knowledge! I would not know about it if I would not inspect my firewall rules! It is not acceptable! There are workaround such as managing firewall rules via Group Policy or chan, but this should not be necessary.
It's a necessary part of their networking API for peer to peer games, be happy they do not use UPnP, deal with it. https://partner.steamgames.com/doc/features/multiplayer/networking
Most of home users have NAT on routers, configured in manner they can not connect directly anyway. I am dealing with it by managing firewall rules by Group Policy. Fortunately Steam does not change settings applied by Group Policy. I am suprised that somebody on IT security forum justifies some non-security program messing with OS security settings without at least opt-out option.
Why aren't you using a tool like WFC? It will automatically block all inbound and outbound rules that are made by apps. And I freaking hate platforms like Steam, I still prefer to buy games on DVD. https://www.binisoft.org/wfc.php