Ubisoft's uPlay DRM Security Flaw Leaves Gamers Open To Hackers

(Update: According to a post on Neogaf, uPlay has been updated today and the rootkit exploit has been patched.)

As if you needed an added reason to hate DRM -- the only security prevention method that hinders legit consumers and rewards pirates -- Ubisoft's uPlay client has been put under the microscope and it turns out that there's a security loophole that makes gamers very vulnerable to a number of exploits. Of course, gamers with pirated copies of Ubisoft titles are 100% safe.

GameIndustry.biz is reporting on the incident that was discovered over at SecList. According to a security engineer named Travis Ormandy, he ran into the uPlay problem while on vacation, saying...

"While on vacation recently I bought a video game called 'Assassin's Creed Revelations'. I didn't have much of a chance to play it, but it seems fun so far. However, I noticed the installation procedure creates a browser plugin for its accompanying UPlay launcher, which grants unexpectedly (at least to me) wide access to websites,"I don't know if it's by design, but I thought I'd mention it here in case someone else wants to look into it (I'm not really interested in video game security, I air-gap the machine I use to play games). A few minutes in IDA suggests this might work (untested):x = document.createElement('OBJECT');x.type = "application/x-uplaypc";document.body.appendChild(x);x.open("-orbit_product_id 1 -orbit_exe_pathQzpcV0lORE9XU1xTWVNURU0zMlxDQUxDLkVYRQ== -uplay_steam_mode -uplay_dev_mode-uplay_dev_mode_auto_play")$ printf "C:\\WINDOWS\\SYSTEM32\\CALC.EXE" | base64QzpcV0lORE9XU1xTWVNURU0zMlxDQUxDLkVYRQ==If someone wants to investigate further, please feel free to do so.Tavis.

His findings were later tested and re-tested by a number of other professionals, and according to CVG the uPlay browser's susceptibility to malware is quite high, however an IT expert states that a rootkit is not exposed.

The best bet for now is to disable the uPlay browser until Ubisoft gets it fixed, however a lot of gamers across the interwebs believe that Ubisoft probably won't fix it since they think 90% of PC gamers are pirates. In this regards, I'd have to suggest that people do pirate Ubisoft games in order to protect their PCs from hackers.

A list of Ubisoft's PC games that are affected by the uPlay browser and potentially puts your PC at risk are listed below. Can we finally get rid of DRM now or do we need more class-action lawsuits?

Assassin's Creed II

Assassin's Creed: Brotherhood

Assassin's Creed: Project Legacy

Assassin's Creed Revelations

Assassin's Creed III

Beowulf: The Game

Call of Juarez: The Cartel

Driver: San Francisco

Heroes of Might and Magic VI

Just Dance 3

Prince of Persia: The Forgotten Sands

Pure Football

R.U.S.E.

Shaun White Skateboarding

Silent Hunter 5: Battle of the Atlantic

The Settlers 7: Paths to a Kingdom

Tom Clancy's H.A.W.X. 2

Tom Clancy's Ghost Recon: Future Soldier

Tom Clancy's Splinter Cell: Conviction

Your Shape: Fitness Evolved

Will Usher

Staff Writer at CinemaBlend.