Ubisoft Caught Installing Exploitable DRM Plug-in on Users' Machines
July 30, 2012 11:44 AM
Assasin's Creed installs dangerous software -- can we say "class action lawsuit"?
Google, Inc. (
) engineer Tavis Ormandy has created a world of woe for French
software giant Ubisoft
Entertainment S.A. (
) after he
that the company was endangering customers by installing dangerous software that opened a back-door to their machines.
Ubisoft is well known for its
franchises, as well as a number of Tom Clancy titles (e.g. the
series). But according to Mr. Ormandy, Ubisoft's recent software comes with a dangerous attachment -- a browser plugin designed to support the company's secured Uplay service.
The browser plug-in acts as an accidental Trojan, allows arbitrary code execution via the opened "door" inside the affected browser. Ubisoft uses the plugin to check if the installed title is valid, allowing gamers access to online play and achievements. But according to Mr. Ormandy hackers could also exploit the open door in escalation of privileges attacks on the users' machine.
Hundreds of thousands of PC gamers are believed to be affected.
Ubisoft Uplay browser plugin allowed unauthorized acceess to users' machines.
[Image Source: Geek.com]
Affected titles include 5
games, as well as popular titles such as
Driver: San Francisco
. Mr. Ormandy first observed the exploitable plug-in while installing
Assassin's Creed: Revelations
The exploitable plug-in came with installs of Assassin's Creed titles. [Image Source: IGN]
Ubisoft had already upset customers with its DRM scheme, as many complained that they had legitimately purchased titles, but were being locked out of gameplay when their machines were offline. Ubisoft defended this policy.
Now it may be forced to defend itself in court against class action lawsuits for endangering its loyal customers.
The incident is eerily reminiscent to the rootkit discovered on Sony Corp. (
) music CDs several years ago. Sony was
subsequently sued and forced into an apology/settlement
for recklessly endangering its users.
As the plug-in does not mask its presence, in its current form it is closer to an exploitable plug-in aka. an accidental Trojan than a rootkit by definition, hence the text was changed to correct this.
"And boy have we patented it!" -- Steve Jobs, Macworld 2007
"Call of Juarez: The Cartel" Angers Critics, May be Banned in Mexico
February 22, 2011, 10:01 AM
Assassin's Creed II Stabs Its Way to Success With 1.6 Million Units Sold
November 26, 2009, 9:00 AM
The EFF Wants You to Know About Sony BMG Settlement
March 13, 2006, 2:17 AM
More Security Issues for Yahoo
February 16, 2017, 7:45 AM
Android Instant Tethering Only Works for Pixel and Nexus Handsets
February 13, 2017, 7:30 AM
WhatsUp with WhatsApp?
August 29, 2016, 5:23 AM
Fuchsia – Google’s New Open Source Operating System
August 17, 2016, 6:30 AM
Windows 10: End of an Era & A New Beginning
August 1, 2016, 9:59 AM
Free Windows 10 offer ends July 29th, 2016: 10 Reasons to Upgrade Immediately
July 22, 2016, 9:19 PM
Most Popular Articles
Gigabit Are you looking for an Ultra Compact board?
February 22, 2017, 6:30 AM
Dell XPS 13 Touch – Rose Gold Edition
February 23, 2017, 7:29 AM
ASUS ROG Maximus IX - Among the Best of the Best
February 21, 2017, 7:50 AM
Comparison: Tag Heuer Connected Modular VS Samsung Gear S3
February 20, 2017, 7:20 AM
Xiaomi Mi Note 2 – This Chinese Phablet is the Best
February 24, 2017, 7:25 AM
Latest Blog Posts
How much Ram do you need for gaming?
Feb 27, 2017, 6:00 AM
Interesting News of the Day
Feb 25, 2017, 7:37 AM
AMD and More
Feb 24, 2017, 5:55 AM
Feb 23, 2017, 6:30 AM
Feb 21, 2017, 6:12 AM
Here is how startups are helping new parents in raising children
Feb 20, 2017, 6:45 AM
Around the World
Feb 18, 2017, 5:48 AM
News of Future
Feb 17, 2017, 6:30 AM
Amazon parachutes May Float Packages to Customers
Feb 16, 2017, 8:00 AM
Now you Can Watch Facebook on Your TV
Feb 15, 2017, 7:42 AM
Feb 14, 2017, 5:36 AM
Razer Blade Stealth – Little Kaby Lake Powerhouse
Feb 13, 2017, 7:50 AM
Android 7.0 Nougat 7.0 Update Bring Less Battery Life for Samsung Galaxy S7 & S7 Edge
Feb 12, 2017, 7:45 AM
Apple iPhone 8 – OLED Display & Wireless Charging
Feb 11, 2017, 8:09 AM
Feb 10, 2017, 6:15 AM
Feb 9, 2017, 6:00 AM
Eye catching news
Feb 8, 2017, 6:16 AM
Some World News
Feb 7, 2017, 6:15 AM
Feb 6, 2017, 10:11 AM
Feb 5, 2017, 7:27 AM
Notes and News
Feb 4, 2017, 5:53 AM
Feb 3, 2017, 5:30 AM
More Blog Posts
Copyright 2017 DailyTech LLC. -
Terms, Conditions & Privacy Information