The ‘Uplay’ digital rights management (DRM) software that comes with almost every game published by Ubisoft on the PC has been exposed as a rootkit by whitehat hacker Tavis Ormandy. Tavis is an information security engineer at Google.
The hacker published an exploit which allows anyone to take control of a Windows PC system with Uplay installed. The browser plugin that comes with Uplay is a security risk. Tavis writes:
“Your silly post reminded me of something, while on vacation recently I bought a video game called "Assassin's Creed Revelations". I didn't have much of a chance to play it, but it seems fun so far. However, I noticed the installation procedure creates a browser plugin for it's accompanying uplay launcher, which grants unexpectedly (at least to me) wide access to websites.”
In short, the Uplay software installs a rootkit on your system which allows any website with the appropriate code to take control of your computer.
Affected titles include:
Assassin's Creed II
Assassin's Creed: Brotherhood
Assassin's Creed: Project Legacy
Assassin's Creed Revelations
Assassin's Creed III (Tentative)
Beowulf: The Game
Brothers in Arms: Furious 4
Call of Juarez: The Cartel
Driver: San Francisco
From Dust
Heroes of Might and Magic VI
Just Dance 3
Prince of Persia: The Forgotten Sands
Pure Football
R.U.S.E.
Shaun White Skateboarding
Silent Hunter 5: Battle of the Atlantic
The Settlers 7: Paths to a Kingdom
Tom Clancy's H.A.W.X. 2
Tom Clancy's Ghost Recon: Future Soldier
Tom Clancy's Splinter Cell: Conviction
Your Shape: Fitness Evolved
Via Hacker News
