Ubisoft's Uplay DRM Could Pose Major Security Risk For PC Users

Posted July 30, 2012 - By Adam Rosenberg

Ubisoft Debuts Uplay Service With Assassin's Creed II

UPDATE: Ubisoft says it has patched the security flaw reported this morning.

Here's a simple explanation: Ubisoft's Uplay DRM quietly installs a browser plugin that could be exploited to give a malicious website control of your computer. So, no big deal or anything (it's actually a really big deal). A Google programmer named Tavis Ormandy discoved the security flaw and posted it on ycombinator (via Polygon), including a link with the post that allows people to see if they're at risk by having the plugin try to run the Windows calculator app (if Calc doesn't run, you don't have the plugin installed).

The list of affected game can roughly be summarized as "anything that uses Uplay," which means every Assassin's Creed game since AC2 (the first Uplay title), the most recent H.A.W.X., Splinter Cell, and Ghost Recon games, Driver: San Francisco, and a number of others. Console users don't have any reason to be alarmed; you might recognize Uplay as Ubi's network for in-game unlocks, but it also fills a copy protection role on the PC side.

It's unclear what Ubisoft is going to do (or is already doing) as a result of this discovery. We've reached out for comment and will update this post when there's more to say on the matter.


Ubisoft's Uplay DRM Could Pose Major Security Risk For PC Users


Blog Tags

  • Sara Underwood's Naked Bike Ride

    Posted: June 22, 2011

    1,308,633 Views | 05:20

  • International Sexy Ladies Show: Messy Cat Fight

    Posted: January 27, 2010

    636,662 Views | 00:49

  • Adult Star Kirsten Price Tests Kinect's Nude Filter

    Posted: November 12, 2010

    1,436,163 Views | 04:33

  • Best Nude Scenes in Video Games

    Posted: June 29, 2009

    1,523,031 Views | 03:12

  • International Sexy Ladies Show: Wrestling in Moscow

    Posted: June 19, 2009

    137,163 Views | 01:24