Report: Ubisoft's UPlay DRM contains dangerous security flaws
Code could allow malicious websites access to PC users' systems
Ubisoft's DRM system has been accused of allowing unprecedented access to users' PCs by potentially malicious websites, severely endangering the security of systems.
A post on SecList's full disclosure site by Google security engineer Tavis Ormandy claims that the vulnerability opens a backdoor for websites access the machines of any customer who has installed many of the publisher's most popular products on PC, including four Assassin's Creed titles and the latest Ghost Recon game.
"While on vacation recently I bought a video game called 'Assassin's Creed Revelations'. I didn't have much of a chance to play it, but it seems fun so far. However, I noticed the installation procedure creates a browser plugin for its accompanying UPlay launcher, which grants unexpectedly (at least to me) wide access to websites," explains Ormandy in the post.
Supplying a piece of code which is said to prove his theory, Ormandy invited others to test his theory a challenge which has been picked up elsewhere.
Digital Foundry has also examined the exploit, backing up Ormandy's claims but dismissing others who have likened the code to a malicious root kit.
"The implications here are cause for concern: the exploit could be used to install trojans or other rogue software on your PC," says Digital Foundry's Rich Leadbetter.
"Scripts could be set-up that would wipe any data on your PC where the user has access. It's highly unlikely that Ubisoft left this backdoor in here on purpose, but regardless, it appears to have all the hallmarks of a major oversight that the firm should be correcting as a matter of extreme urgency."
Leadbetter recommends that anyone who has installed a Ubisoft PC title from the list below take immediate action to limit the potential damage whilst they await an official response from Ubisoft.
"Anyone with a PC title installed using the U-Play system can prevent the exploit from working by disabling the UPlay browser plug-in - in theory, it's as simple as that. Stopping the browser from running the plug-in closes the backdoor, and without that crucial bridge, malicious HTML based on this exploit will not function."
Ubisoft has been contacted for comment.
Potentially affected titles
- Assassin's Creed II
- Assassin's Creed: Brotherhood
- Assassin's Creed: Project Legacy
- Assassin's Creed Revelations
- Assassin's Creed III
- Beowulf: The Game
- Call of Juarez: The Cartel
- Driver: San Francisco
- Heroes of Might and Magic VI
- Just Dance 3
- Prince of Persia: The Forgotten Sands
- Pure Football
- R.U.S.E.
- Shaun White Skateboarding
- Silent Hunter 5: Battle of the Atlantic
- The Settlers 7: Paths to a Kingdom
- Tom Clancy's H.A.W.X. 2
- Tom Clancy's Ghost Recon: Future Soldier
- Tom Clancy's Splinter Cell: Conviction
- Your Shape: Fitness Evolved