UPDATE: Ubisoft says it has patched the security flaw reported this morning.
Here's a simple explanation: Ubisoft's Uplay DRM quietly installs a browser plugin that could be exploited to give a malicious website control of your computer. So, no big deal or anything (it's actually a really big deal). A Google programmer named Tavis Ormandy discoved the security flaw and posted it on ycombinator (via Polygon), including a link with the post that allows people to see if they're at risk by having the plugin try to run the Windows calculator app (if Calc doesn't run, you don't have the plugin installed).
The list of affected game can roughly be summarized as "anything that uses Uplay," which means every Assassin's Creed game since AC2 (the first Uplay title), the most recent H.A.W.X., Splinter Cell, and Ghost Recon games, Driver: San Francisco, and a number of others. Console users don't have any reason to be alarmed; you might recognize Uplay as Ubi's network for in-game unlocks, but it also fills a copy protection role on the PC side.
It's unclear what Ubisoft is going to do (or is already doing) as a result of this discovery. We've reached out for comment and will update this post when there's more to say on the matter.
Comments