Valve Fixes RCE Exploit

Security researcher Florian tweets that Valve has patched the remote code execution bug he recently demonstrated. Word is Valve has given him permission to do a write-up on the situation:
Good news! Valve fixed my recent exploit and gave me permissions to disclose details. That being said, I am working on a detailed technical write-up which I am going to release soon. Stay tuned!