SteamUnpowered

Buy this website

Uplay as vessel for malicious software

I usually like titles with a pun or something on those lines, attempting to find a funny side even in a disaster. Not this time. Not when the threat is so dangerous and imminent.

According to this article there’s a huge hole in Uplay’s browsers plugin which lets anybody run potentially anything on the victim’s computer.

I haven’t tested it personally having never installed Ubisoft’s Uplay and never planned to do so, but my second hand informations tell me it’s scary how easy and smooth is to manipulate Uplay customers through this exploit.

Not that I needed some more proof that any DRM system is the Bane (I haven’t watched latest Batman yet, I just liked the pop culture reference) of legit customers, but do you now?

 

Below here is the list of the game which are most vulnerable to this and which you should immediately uninstall before this exploit really goes out of hand.

 

Assassin's Creed II 
Assassin's Creed: Brotherhood 
Assassin's Creed: Project Legacy 
Assassin's Creed Revelations 
Assassin's Creed III 
Beowulf: The Game 
Brothers in Arms: Furious 4 
Call of Juarez: The Cartel 
Driver: San Francisco 
Heroes of Might and Magic VI 
Just Dance 3 
Prince of Persia: The Forgotten Sands 
Pure Football 
R.U.S.E. 
Shaun White Skateboarding 
Silent Hunter 5: Battle of the Atlantic 
The Settlers 7: Paths to a Kingdom 
Tom Clancy's H.A.W.X. 2 
Tom Clancy's Ghost Recon: Future Soldier 
Tom Clancy's Splinter Cell: Conviction 
Your Shape: Fitness Evolved

Posted

in

, ,

by

Hellfire

Tags:

, , ,

Comments

6 responses to “Uplay as vessel for malicious software”

  1. H4ndy Avatar
    H4ndy

    Close all browser and start UPlay, an update was release shortly after this news to adress this issue.

    Reply
  2. SilentBugler Avatar
    SilentBugler

    It’s not the games that are vulnerable or the uplay DRM itself, it’s UBI’s stupid browser plugins which uplay installs without asking you. Good old UBI essentially installs a trojan horse in your browser of choice. But they’ve supposedly patched it out already…

    Good thing I’m using 64x Firefox (along with ABP&NS, OF COURSE!) and UBI is too cheap to put out a x64 version of anything, my 86x Opera’s safe cause all plugins along with JS are disabled by default, and Explorer, amazingly enough, warns you about a suspicious action and asks you if you want to block it (I tried the test exploit). There’s also a HIPS-enabled firewall/antivirus, but as all my exploit tests were cut off on browser level that never came into play. *Smug!* *Smug!*

    See you next DRM exploit and remember:
    Inflicting violence upon UBI executives is not a crime in the eyes of God.

    Reply
  3. mik0 Avatar
    mik0

    control panel -> installed program -> uninstall Ubisoft games…

    Reply
  4. 0cube Avatar
    0cube

    Firefox: Go to Extras -> addons -> plugins and disable the 2 Uplay things…

    Reply
  5. ryuga81 Avatar
    ryuga81

    wait, what?

    what the hell is Uplay’s browser plugin? i don’t remember ever installing something like that…

    Reply
  6. stranded Avatar
    stranded

    Good thing I don’t have Ubisoft games.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.