1. #1
    Share this post

  2. #2
    I just tried it, and the exploit works on my PC. Accessing a web page with the exploit, it was able to use Uplay to launch Windows Calculator without my permission.

    I'm uninstalling Driver and From Dust now, and hoping that is enough.
    Share this post

  3. #3
    How to disable Uplay in Firefox:
    Tools – Add-ons – Plugins – Disable the Uplay and Uplay PC Hub plugins


    In Opera:
    Settings – Preferences – Advanced – Downloads – Search “Uplay”, delete


    In Chrome:
    Visit about: plugins and disable
    Share this post

  4. #4
    Are we talking about the same uplay that didn't work 2 weeks ago?
    Probably our AV was blocking the browser plugin backdoor... But they "fixed" it!
    Share this post

  5. #5
    Its not a rootkit. its a really crappy written browser plug in that no where says its being installed. One more reason for me to never buy Ubisoft.
    Share this post

  6. #6
    Lawsuit time.
    Share this post

  7. #7
    Originally Posted by Ratboy422 Go to original post
    Its not a rootkit. its a really crappy written browser plug in that no where says its being installed. One more reason for me to never buy Ubisoft.
    Yea, that's my tough too. Launching a game via a web browser is always a bad idea, that's why I really dislike Battlefield 3. It is odd however, that this plugin can be used to launch non-uplay related programs. It's is relativaly easy to check if the program launch request is legit or not, or to make the plugin only launch 1 program with a parameter that state what game it is (something like: p.start('./uplay --ACR')) ... tus making it impossible to exploit the plugin...

    I am disapointed, not surprised, but disapointed by this...
    Share this post

  8. #8
    LOL, this example actually works.

    http://seclists.org/fulldisclosure/2012/Jul/375

    UBI coders actually used base64 to encode the name of the executable to be launched. FFS, that's n00bism of the highest level! Negligence and zero care for user's safety. Someone at UBI needs to get fired right now!

    Code:
    x.open("-orbit_product_id 1 -orbit_exe_path
    QzpcV0lORE9XU1xTWVNURU0zMlxDQUxDLkVYRQ== -uplay_steam_mode -uplay_dev_mode
    -uplay_dev_mode_auto_play")
    
    $ printf "C:\\WINDOWS\\SYSTEM32\\CALC.EXE" | base64
    QzpcV0lORE9XU1xTWVNURU0zMlxDQUxDLkVYRQ==
    Ubisoft needs to recall all the DVDs on the market right now. Installing this crap even for a second puts your PC in some serious danger!!!
    Share this post

  9. #9
    The only thing you need to do now is disabling the plugin in your browser.

    dex3108 posted how you do that.
    Share this post

  10. #10
    rmartinezdl's Avatar Banned
    Join Date
    May 2012
    Posts
    103

    **** you ubi****

    So you are telling me that...

    Uplay is a ****ing crappy DRM to prevent pircay?
    Yet every Ubisoft game is out there already pirated?
    And ME who actually BOUGHT the games, get a crappy DRM.
    And ME who actually BOUGHT the game get the risk of being hacked?

    hahaha F U C K ---- Y O U

    U-B-I-S-H-I-T
    Share this post

Page 1 of 4 123 ... Last ►►