Ubisoft Caught Installing Exploitable DRM Plug-in on Users' Machines
July 30, 2012 11:44 AM
comment(s) - last by
Assasin's Creed installs dangerous software -- can we say "class action lawsuit"?
Google, Inc. (
) engineer Tavis Ormandy has created a world of woe for French
software giant Ubisoft
Entertainment S.A. (
) after he
that the company was endangering customers by installing dangerous software that opened a back-door to their machines.
Ubisoft is well known for its
franchises, as well as a number of Tom Clancy titles (e.g. the
series). But according to Mr. Ormandy, Ubisoft's recent software comes with a dangerous attachment -- a browser plugin designed to support the company's secured Uplay service.
The browser plug-in acts as an accidental Trojan, allows arbitrary code execution via the opened "door" inside the affected browser. Ubisoft uses the plugin to check if the installed title is valid, allowing gamers access to online play and achievements. But according to Mr. Ormandy hackers could also exploit the open door in escalation of privileges attacks on the users' machine.
Hundreds of thousands of PC gamers are believed to be affected.
Ubisoft Uplay browser plugin allowed unauthorized acceess to users' machines.
[Image Source: Geek.com]
Affected titles include 5
games, as well as popular titles such as
Driver: San Francisco
. Mr. Ormandy first observed the exploitable plug-in while installing
Assassin's Creed: Revelations
The exploitable plug-in came with installs of Assassin's Creed titles. [Image Source: IGN]
Ubisoft had already upset customers with its DRM scheme, as many complained that they had legitimately purchased titles, but were being locked out of gameplay when their machines were offline. Ubisoft defended this policy.
Now it may be forced to defend itself in court against class action lawsuits for endangering its loyal customers.
The incident is eerily reminiscent to the rootkit discovered on Sony Corp. (
) music CDs several years ago. Sony was
subsequently sued and forced into an apology/settlement
for recklessly endangering its users.
As the plug-in does not mask its presence, in its current form it is closer to an exploitable plug-in aka. an accidental Trojan than a rootkit by definition, hence the text was changed to correct this.
This article is over a month old, voting and posting comments is disabled
RE: DRM should be illegal
7/30/2012 1:59:28 PM
You're missing the point - this isn't like stealing a laptop that's been locked, thereby dissuading the "casual" thief.
There only has to be 1 person in the world who can defeat a given DRM thing and then post a torrent of the software. Then *boom* - everyone in the world who wants the product in a pirated format can have it. There's no valid analogy to locking a physical thing...because the person downloading the pirated copy doesn't have to do *anything* in order to get their pirated copy. Other than click a link, that is.You're missing the point - this isn't like stealing a laptop that's been locked, thereby dissuading the
RE: DRM should be illegal
7/30/2012 2:17:54 PM
DRM hugely inconveniences legal uses while doing nothing to hinder illegal activity.
Laptop locks are cumbersome to use, yet they do jack in protecting laptops from being stolen.
Granted, they're not the same things, but the premise is similar - in an attempt to thwart the one percent, they demonize the other 99%.
RE: DRM should be illegal
7/30/2012 2:57:52 PM
Laptop locks don't demonize the 99%, though. They are not forced on people and those who choose to use them don't negatively affect those who don't want them.
"I'd be pissed too, but you didn't have to go all Minority Report on his ass!" -- Jon Stewart on police raiding Gizmodo editor Jason Chen's home
"Call of Juarez: The Cartel" Angers Critics, May be Banned in Mexico
February 22, 2011, 10:01 AM
Assassin's Creed II Stabs Its Way to Success With 1.6 Million Units Sold
November 26, 2009, 9:00 AM
The EFF Wants You to Know About Sony BMG Settlement
March 13, 2006, 2:17 AM
EA Dev: Nintendo is "the Walking Dead"; Wii U is "Crap"
May 20, 2013, 11:27 AM
Sony Officially Announces Gran Turismo 6
May 16, 2013, 10:24 AM
Windows 8.1 Will Be Free; Microsoft Holds Onto Struggling ARM Variant
May 14, 2013, 2:57 PM
Report: 59 Million Windows 8 Devices Have Been Activated Since Launch
May 13, 2013, 3:33 PM
Quick Note: Windows 8.1 Public Preview Coming in June
May 7, 2013, 6:32 PM
Nintendo to Offer Smartphone Apps on Wii U
May 7, 2013, 12:00 PM
Most Popular Articles
High School Student Creates Storage Device that Can Charge in 20 Seconds
May 20, 2013, 6:51 AM
Google Announces "Pure" Galaxy Nexus S4 for $649, Android Updates
May 15, 2013, 1:42 PM
Seawater Cooling Saves Data Center Big Bucks, Energy, Despite Jellyfish Issues
May 17, 2013, 3:23 PM
U.S. Federal Traffic Board Wants to Make Drunk Driving Threshold Far Harsher
May 15, 2013, 11:32 AM
Newegg Legal Chief: "We don't Feed the Trolls"; Defeats Bell Lab Shell Comp.
May 17, 2013, 10:11 AM
Latest Blog Posts
Quick Note: Sony "Teases" PS4 Ahead of Xbox Reveal in New Video
May 20, 2013, 12:33 PM
Nokia Introduces Instagram-Like App of Its Own to Help Lumia Sales
May 20, 2013, 7:10 AM
Parents of Pre-Teen Drivers Commonly Practice Distracted Driving Says Study
May 9, 2013, 7:16 AM
Apple's iOS 7 Running Into Internal Delays Due to Massive Overhaul
May 1, 2013, 4:26 PM
Elon Musk Willing to Spend More Money on Widening of 405 Freeway
Apr 26, 2013, 7:28 PM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information