Ubisoft coughs to Uplay security flaw

July 31, 2012 | 11:26

Tags: #browser-add-on #browser-plug-in #drm #firefox #flaw #internet-explorer #rootkit #security #uplay #vulnerability

Companies: #chrome #opera #ubisoft

Ubisoft has denied reports that its Uplay technology, included in its games as part of its digital rights management (DRM) platform, installs a rootkit on gamers' systems, claiming that a security issue in its browser plugin was nothing more than a programming glitch.

First spotted by Google engineer Travis Ormandy, the flaw in the Uplay plugin is pretty serious: when installed in a Windows system running Firefox, Chrome, Opera or Internet Explorer, the Uplay plugin - which is installed silently and automatically alongside Ubisoft titles - allows malicious websites to bypass security systems and execute arbitrary code on the host PC by passing command line arguments to game executables, which can fool the system into executing any program at all.

When Ormandy's analysis was released, many claimed that Ubisoft had - in effect - created a 'rootkit,' a program designed to permit third parties secret access to the inner workings of a supposedly private system. It wouldn't be the first time a company has attempted such a thing in the name of piracy prevention: back in 2005 Sony got in trouble for automatically installing rootkit-like software on PCs that tried to play audio CDs from its Sony BMG arm.

Ubisoft, however, denies 'doing a Sony.' In a statement regarding the report, the company has claimed that the flaw - while very real, and very serious - was the result of an error rather than an act of malice.

'The issue is not a rootkit,' Ubisoft claims in its statement on the matter. 'The Uplay application has never included a rootkit. The issue was from a browser plug-in that Uplay PC utilises, which suffered from a coding error that allowed unintended access to systems usually used by Ubisoft PC game developers to make their games.'

The Ubisoft-approved solution for the flaw is to close your web browsers, launch the Uplay client and allow it to update automatically with a patch that fixes the browser plug-in flaw. A potentially more secure solution, however, is to remove the plug-in entirely from your browser using the Plugins or Add-Ons menu to find and remove the 'Uplay' and 'Uplay PC Hub' packages. Doing so should not affect the operation of the Uplay client.
Discuss this in the forums
YouTube logo
MSI MPG Velox 100R Chassis Review

October 14 2021 | 15:04