bit-tech.net

Ubisoft coughs to Uplay security flaw

Ubisoft's Uplay software has a serious security flaw, but the company claims it never intended to create a 'rootkit.'

Ubisoft has denied reports that its Uplay technology, included in its games as part of its digital rights management (DRM) platform, installs a rootkit on gamers' systems, claiming that a security issue in its browser plugin was nothing more than a programming glitch.

First spotted by Google engineer Tavis Ormandy, the flaw in the Uplay plugin is pretty serious. The plugin, which is installed silently and automatically alongside Ubisoft titles, affects Windows systems running Firefox, Chrome, Opera or Internet Explorer. It allows malicious websites to bypass security systems and execute arbitrary code on the host PC by passing command line arguments to game executables, which can fool the system into executing any program at all.

When Ormandy's analysis was released, many claimed that Ubisoft had - in effect - created a 'rootkit,' a program designed to permit third parties secret access to the inner workings of a supposedly private system. It wouldn't be the first time a company has attempted such a thing in the name of piracy prevention: back in 2005 Sony got in trouble for automatically installing rootkit-like software on PCs that tried to play audio CDs from its Sony BMG arm.

Ubisoft, however, denies 'doing a Sony.' In a statement regarding the report, the company has claimed that the flaw - while very real, and very serious - was the result of an error rather than an act of malice.

'The issue is not a rootkit,' Ubisoft claims in its statement on the matter. 'The Uplay application has never included a rootkit. The issue was from a browser plug-in that Uplay PC utilises, which suffered from a coding error that allowed unintended access to systems usually used by Ubisoft PC game developers to make their games.'

The Ubisoft-approved solution for the flaw is to close your web browsers, launch the Uplay client and allow it to update automatically with a patch that fixes the browser plug-in flaw. A potentially more secure solution, however, is to remove the plug-in entirely from your browser using the Plugins or Add-Ons menu to find and remove the 'Uplay' and 'Uplay PC Hub' packages. Doing so should not affect the operation of the Uplay client.

10 Comments

Shirty 31st July 2012, 12:31
Perhaps we could merge this comment thread with this thread?
Griffter 31st July 2012, 14:27
I think we need to make more threads till everyone knows how corrupt most if not all businesses are, never mind games companies. Under the stopping piracy claim, sounds a lot like the war on terror claim which was also just full of ulterior motives. IMHO
jimmyjj 31st July 2012, 14:58
You know I was browsing my Chrome plug ins the other day and wondered why the hell Uplay needed a browser plug in.
John_T 31st July 2012, 16:48
Quote:
Originally Posted by Ubisoft
The issue is not a rootkit. The issue was from... ...a coding error.

To paraphrase Mandy Rice-Davies: Well they would say that, wouldn't they.
l3v1ck 31st July 2012, 17:46
Quote:
... the Uplay plugin - which is installed silently and automatically ...
Why doesn't it ask permission to install a plugin in the first place?
If I install something and it installs something else without asking, I get very angry and would probably never download/buy anything from that company again.
Madness_3d 31st July 2012, 17:49
Surely if you use Chrome this browser plugin doesn't do anything anyway?
l3w1z 31st July 2012, 17:53
Reminds me of this interview GameSpy did: http://i.imgur.com/ZNs7p.jpg
theshadow2001 31st July 2012, 18:48
Why on earth does a game DRM need a browser plug-in anyway? Certainly if I had it installed that plugin would be getting the boot regardless of security flaws.
mdshann 1st August 2012, 01:17
Sounds like a Trojan to me, you think you're installing a game but instead you end up with a malicious browser plugin.
dark_avenger 1st August 2012, 02:25
Just another reason why Ubisoft will not be getting my money.