Ubisoft's Uplay DRM Could Pose Major Security Risk For PC Users

Posted July 30, 2012 - By Adam Rosenberg

Ubisoft Debuts Uplay Service With Assassin's Creed II

UPDATE: Ubisoft says it has patched the security flaw reported this morning.

Here's a simple explanation: Ubisoft's Uplay DRM quietly installs a browser plugin that could be exploited to give a malicious website control of your computer. So, no big deal or anything (it's actually a really big deal). A Google programmer named Tavis Ormandy discoved the security flaw and posted it on ycombinator (via Polygon), including a link with the post that allows people to see if they're at risk by having the plugin try to run the Windows calculator app (if Calc doesn't run, you don't have the plugin installed).

The list of affected game can roughly be summarized as "anything that uses Uplay," which means every Assassin's Creed game since AC2 (the first Uplay title), the most recent H.A.W.X., Splinter Cell, and Ghost Recon games, Driver: San Francisco, and a number of others. Console users don't have any reason to be alarmed; you might recognize Uplay as Ubi's network for in-game unlocks, but it also fills a copy protection role on the PC side.

It's unclear what Ubisoft is going to do (or is already doing) as a result of this discovery. We've reached out for comment and will update this post when there's more to say on the matter.


Ubisoft's Uplay DRM Could Pose Major Security Risk For PC Users


Blog Tags

  • International Sexy Ladies Show: Messy Cat Fight

    Posted: January 27, 2010

    644,696 Views | 00:49

  • Sara Underwood's Naked Bike Ride

    Posted: June 22, 2011

    1,316,284 Views | 05:20

  • Laser Snake Robots, More Mars Rovers and BigDog Is Back

    Posted: September 25, 2012

    1,290 Views | 03:00

  • NBA 2K13 Launch Trailer

    Posted: October 4, 2012

    5,601 Views | 01:53

  • Casual Vomiting - Web Soup Investigates

    Posted: March 30, 2011

    7,570 Views | 02:52