Serious security hole found in Uplay (Ubisoft's DRM)

http://news.ycombinator.com/item?id=4311264

Apparently Uplay installs a rootkit, similar to that which Sony's music CD's installed on your computer a few years ago.

Games affected:

Assassin’s Creed II
Assassin’s Creed: Brotherhood
Assassin’s Creed: Project Legacy
Assassin’s Creed Revelations
Assassin’s Creed III
Beowulf: The Game
Brothers in Arms: Furious 4
Call of Juarez: The Cartel
Driver: San Francisco
Heroes of Might and Magic VI
Just Dance 3
Prince of Persia: The Forgotten Sands
Pure Football
R.U.S.E.
Shaun White Skateboarding
Silent Hunter 5: Battle of the Atlantic
The Settlers 7: Paths to a Kingdom
Tom Clancy’s H.A.W.X. 2
Tom Clancy’s Ghost Recon: Future Soldier
Tom Clancy’s Splinter Cell: Conviction
Your Shape: Fitness Evolved

Click to expand...

http://www.rockpapershotgun.com/2012/07/30/psa-possible-security-risk-in-some-ubisoft-pc-games/

Seems it's true, Uplay's browser plugin has a backdoor that allows anyone to take the control over your PC. Any malicious website can abuse it, as shown by Rock, Paper and Shotgun's test page:
http://www.rockpapershotgun.com/2012/07/30/psa-possible-security-risk-in-some-ubisoft-pc-games/

There is already a thread on Ubisoft forums:
http://forums.ubi.com/showthread.ph...llow-access-to-PC-files?p=8510607#post8510607

Anyway, if you have something that uses uplay installed like I do (HoMM 6), just disable/remove uplay's browser plugin and you're safe:

Firefox:
Tools – Add-ons – Plugins – Disable the Uplay and Uplay PC Hub plugins

Chrome:
Visit aboutlugins and disable

Opera:
Settings – Preferences – Advanced – Downloads – Search “Uplay”, delete

Click to expand...

It's not always installed it seems. I have HoMM6 but I don't have that in my Firefox. May be version related.

Some ppl on RPS posted that the plugin is not installed in their Chrome either. Dunno.
Better check and remove if it's there than being sorry later.

But with all this BS Ubisoft is doing with their crap excuse of DRM, EA will never grab the throne of the worst publisher in the world.

joxer said:

Some ppl on RPS posted that the plugin is not installed in their Chrome either. Dunno.
Better check and remove if it's there than being sorry later.

But with all this BS Ubisoft is doing with their crap excuse of DRM, EA will never grab the throne of the worst publisher in the world.

Click to expand...

I think the throne is just big enough for them to sit together.

They've updated a fix already with version 2.04 which is described as, “‘Fix addressing browser plugin. Plugin now only able to open uPlay application,” but some people on the forums said they weren't able to update.

to check if your browser has the version before this:

Firefox:
Tools – Add-ons – Plugins – Disable the Uplay and Uplay PC Hub plugins

Chrome:
Visit about: plugins and disable

Opera:
Settings – Preferences – Advanced – Downloads – Search “Uplay”, delete

Click to expand...

Annoys customers,doesn't stop piracy,requires constant connection and now security hole what is point of this DRM?

Yuck. It's true, seemingly : http://www.h-online.com/security/news/item/Ubisoft-DRM-opens-backdoor-1655653.html
This is the English version of the IT news site I trust most.

CrazyIrish said:

I think the throne is just big enough for them to sit together.

Click to expand...

Oh no, believe me, EA is like a minor baron compared to Ubisoft, the emperor of the Holy Roman Empire, Byzantine empire and the Golden Horde all in one.

It doesn't sound like this is a root kit but it does sound like an exceptionally horrific browser plugin. They just use base64 encoding for the name of the program to run when they only want to run a single program?? Yeah, that smells of outright negligance. What the Hades are they doing installing a browser plug-in with a game like Assassin's Creed 2, anyway?

Official Ubisoft response, such as it is: http://forums.ubi.com/showthread.php/699940-Uplay-PC-Patch-2-0-4-Security-fix

That Watch Dogs game is suddenly getting much less appealing. Or maybe play it on OnLive and let them deal with the security issues.

I also did not have it installed despite recently installing AC: Revelations. While it was a horrible plugin it could very easily have been used to execute any process on your machine as the currently logged in user just by visiting any website. Now getting malicious software to be installed so that this could run it locally is a little harder but then again this could be used to scrape all sorts of information off a machine.

Presumably they added it to the web browser because most people that have firewalls that would end up unblocking it. I certainly would have caught it if it was run as another process trying to send data back home but firefox is more exposed so I might not have though I use noscript which likely would have stopped it if it tried.

Yeah they are patching it to only allow their exe now but that was a huge oversight and the fact that they obfuscated some of it originally only makes it worse in my eyes.

That they didn't see it in the first place is a sign to me that

- protecting their business (games !) has a higher priority for them
- they didn't care about consumer security (not very consumer friedly !)

Which is a sign for me that this compsny was "taken over" by accountancy clercs (rather than consumer oriented clercs), too.

Maybe they don't care about consumers or maybe they just aren't smart enough to know that this was a super dumb idea. Either way, they scare me now.

Zloth said:

It doesn't sound like this is a root kit but it does sound like an exceptionally horrific browser plugin.

Click to expand...

You are right, it is not a rootkit. The whore ordeal reminded me so much about what Sony did a few years ago that my mind just jumped to that conclusion.

For you who don't know:
http://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal

And I think the most telling part about Sony's view of their customers was their comment on the situation, when it was first revealed:
"Most people, I think, don't even know what a rootkit is, so why should they care about it?"