Ubisoft Uplay DRM security hole exposed, promptly fixed

July 30, 2012, 1:00 PM

Ubisoft’s always-on DRM mechanisms have been a point of contention among a majority of gamers, who feel they are a hassle to paying customers and ineffective at thwarting pirates. Well, it appears that even more worrisome side-effects are possible too, with the revelation that installing the company's Uplay game management system can open up your computer to malicious code insertion through the web browser.

The flaw was disclosed this morning by Google security engineer Tavis Ormandy, who noted that a browser plug-in installed alongside Uplay, meant to launch locally-stored games from the web, doesn't restrict which websites can use it. This essentially left an open door on thousands of machines that could be exploited via a maliciously crafted web page.

Ormandy posted a few lines of JavaScript code as a tentative proof of concept. The story later made it onto Hacker News and so did a working implementation of the proof of concept that launched the built-in calculator in Windows. The code was confirmed to work on a Windows 7 PC with Assassin's Creed and Firefox installed.
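The missing check described above, sketched as an added example (not Ubisoft's plug-in code and not from the original article): a launch handler that accepts requests only from an allowlisted HTTPS origin and maps a game identifier to a locally stored path instead of taking a path from the page. The host name, game ID, paths and function names are hypothetical.

```javascript
// Added illustration with hypothetical names; not Ubisoft's plug-in code.
const ALLOWED_HOSTS = new Set(["launcher.example.com"]); // constructed allowlist
const INSTALLED_GAMES = new Map([                        // constructed catalogue
  ["game-001", "C:\\Games\\Example One\\game.exe"],
]);

// Decide whether the calling page may use the launcher at all.
function isTrustedOrigin(pageUrl) {
  let url;
  try {
    url = new URL(pageUrl);
  } catch {
    return false; // unparsable caller URL: reject
  }
  // Exact host match over HTTPS only. Substring or suffix tests would accept
  // hosts such as launcher.example.com.attacker.test.
  return url.protocol === "https:" && ALLOWED_HOSTS.has(url.hostname);
}

// Handle a launch request coming from a web page.
function handleLaunch(pageUrl, gameId) {
  if (!isTrustedOrigin(pageUrl)) {
    return { ok: false, reason: "origin not allowed" };
  }
  // The page supplies only an identifier; the executable path comes from
  // local data, so a page cannot name an arbitrary program.
  const path = typeof gameId === "string" ? INSTALLED_GAMES.get(gameId) : undefined;
  if (!path) {
    return { ok: false, reason: "unknown game" };
  }
  return { ok: true, launch: path };
}
```

Both checks matter independently: the origin filter limits who may call the launcher, and the identifier lookup limits what a trusted caller can start.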

Ubisoft has since released an update for their browser plug-in (found in over 20 different titles) to address the issue. You can also disable the plug-in altogether in your browser settings. Below is the company’s official statement and the full list of games that install the plug-in in question:

“We have made a forced patch to correct the flaw in the browser plug-in for the Uplay PC application that was brought to our attention earlier today. We recommend that all Uplay users update their Uplay PC application without a Web browser open. This will allow the plug-in to update correctly. An updated version of the Uplay PC installer with the patch also is available from Uplay.com.

Ubisoft takes security issues very seriously, and we will continue to monitor all reports of vulnerabilities within our software and take swift action to resolve such issues.”

List of Uplay enabled games

  • Assassin’s Creed II
  • Assassin’s Creed: Brotherhood
  • Assassin’s Creed: Project Legacy
  • Assassin’s Creed Revelations
  • Assassin’s Creed III
  • Beowulf: The Game
  • Brothers in Arms: Furious 4
  • Call of Juarez: The Cartel
  • Driver: San Francisco
  • Heroes of Might and Magic VI
  • Just Dance 3
  • Prince of Persia: The Forgotten Sands
  • Pure Football
  • R.U.S.E.
  • Shaun White Skateboarding
  • Silent Hunter 5: Battle of the Atlantic
  • The Settlers 7: Paths to a Kingdom
  • Tom Clancy’s H.A.W.X. 2
  • Tom Clancy’s Ghost Recon: Future Soldier
  • Tom Clancy’s Splinter Cell: Conviction
  • Your Shape: Fitness Evolved



User Comments: 3

Guest said:

best thing about this article: knowing a new Brothers In Arms game is coming out :D

wujj123456 said:

Pretty sure Wings of Prey also uses uPlay. I was very disappointed to find this after purchase...

TS-56336 said:

Good to hear that a mandatory uPlay update rolled out despite the circumstance. I own Ghost Recon: Future Soldier with a uPlay account logged in.
