Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 37

Thread: Ubisoft DRM rootkit may allow access to PC files | Forums

  1. #11
    Well, I'm sure they'll fix it, but that doesn't fix things moving forward, specifically trust. Say they fix it, then what's next? I'll always have to worry when Uplay is going to have another terrible issue, and knowing the issue could possibly compromise my PC makes that all the worse. Suffice to say, I'm done with any product that requires the use of Uplay. Hell, I didn't even realize I had two browser plug-ins installed by using it, and I'm fairly thorough when it comes to PC maintenance and what have you. That's dirty in and of itself. Uplay is untrustworthy, it's dangerous, and it's only necessary for those of us who have paid for licenses to Ubisoft PC games. We're paying these people's rent, mortgage, feeding and clothing their families, and this is the respect we get? When Uplay is scrapped, not fixed, scrapped, since it can't be trusted, I'll consider buying more Ubisoft products and stop educating any gamer I come into contact with, that buying Ubisoft products is not in their best interest.

  2. #12
    Quote Originally Posted by Andre202 View Post
    The only thing you need to do now is disabling the plugin in your browser.

    dex3108 posted how you do that.
    "For now" and "maybe." However, that begs the question, if we can disable these two plug-ins, which were stealth installed, then why are they even there to begin with? What uses them, when does it use them, what's this going to keep me from playing, and if they were installed silently, which they were, then they can be activated silently, so when and what causes that? It's way too much crap to have to deal with, when after all, we're the ones who paid to play their games, we're not the bad guys here.

  3. #13
    Ubisoft UPlay has serious security vulnerability

    By Richard Leadbetter Published 30 July, 2012

    Backdoor access could launch malicious code or even wipe your PC.



    Ubisoft's UPlay client appears to host a serious security vulnerability that could allow malicious websites to take control of your PC, according to programmer Tavis Ormandy, posting on the SecLists.Org's "full disclosure" mailing list. The vulnerability affects anyone with key Ubisoft games installed, including several Assassin's Creed releases (AC2 to Revelations), HAWX 2, Splinter Cell: Conviction and Ghost Recon: Future Soldier.
    "While on vacation recently I bought a video game called 'Assassin's Creed Revelations'. I didn't have much of a chance to play it, but it seems fun so far. However, I noticed the installation procedure creates a browser plugin for its accompanying UPlay launcher, which grants unexpectedly (at least to me) wide access to websites," Ormandy notes.
    "I don't know if it's by design, but I thought I'd mention it here in case someone else wants to look into it (I'm not really interested in video game security, I air-gap the machine I use to play games)."
    Ormandy also supplied a proof of concept demonstrating the security hole. Accessing a specific website set-up with his code sees UPlay booted, and the standard Windows calculator program then runs completely independently of user input. We tested it by accessing the link after installing Assassin's Creed 2, and updating UPlay to the latest version. Suffice to say that browser-based scripts should not be able to run any kind of executable code outside of the browser, but that's exactly what happens.
    The implications here are cause for concern: the exploit could be used to install trojans or other rogue software on your PC. Scripts could be set-up that would wipe any data on your PC where the user has access. It's highly unlikely that Ubisoft left this backdoor in here on purpose, but regardless, it appears to have all the hallmarks of a major oversight that the firm should be correcting as a matter of extreme urgency.
    Also, accusations have been levelled that UPlay is a "root kit", suggesting that it is something that hides itself by hijacking essential system tools and prevents them from showing the attacker's files. We've found nothing to suggest that UPlay has any kind of malicious intent along those lines, and while it looks like a highly significant lapse in security we don't think it can provide hackers with root access to your PC. Windows UAC should kick in whenever any such attempts are made.
    So, how to protect yourself? Anyone with a PC title installed using the UPlay system can prevent the exploit from working by disabling the UPlay browser plug-in - in theory, it's as simple as that. Stopping the browser from running the plug-in closes the backdoor, and without that crucial bridge, malicious HTML based on this exploit will not function.
    Ubisoft had no comment for Eurogamer when approached about the matter.



    http://www.eurogamer.net/articles/di...-vulnerability

    The long list of reasons why i or anyone that i know with a brain would not buy any ubisoft games again , Ubi and the way it implements DRM have always been screwed up,

    Lots of other games publishers don't work in this way ,why does ubi always have to be different , harking on about piracy and assumed loss of sales when in reality that's not the main reason why sales are down, But it's things like this,and all the other things like unfixed game bugs ,a outdated method used to interconnect online players,hosts, the failure to make it possible for games to be hosted globally by 3rd party servers,(where the end user can rent access to a server and host the game independently ) so no more relying solely on the ubi master server system in Canada for online gameplay, or even to play single player on some games ,

  4. #14
    http://www.eurogamer.net/articles/di...-vulnerability

    This is where I found out. Now it is speculated that UAC will kick in and stop any malicious intent, but this is NOT TRUE. UAC is nearly as bad as Uplay, but you can actually turn it off. It's well known that you can run a .dll from rundll without UAC interfering, and there are numerous ways to switch it off without user input. I've actually turned it off anyway since it causes so many problems and isn't exactly a security feature, like a single meter of electric fence around an acre of land.

    SO, do we need more proof? Adding 'dangerously careless' to the list of Ubisoft traits. I've already promised not to buy any more games from them but I can now legitimately go around telling everyone they come with malware.

    The irony is that I had a post removed for 'illegal advice' a little while ago. Funny stuff.

  5. #15

    Ak838p

    UAC will only kick in if the program requests admin rights or tries to use the Windows Installer. Just running some random thing - like a telnet session to the hacker's server won't trigger it and at this point the hacker can pretty much use your PC for anything - DDOS attacks, hacking others, stealing your personal info from My Documents or other places.

  6. #16
    uPlay update 2.0.4: 'Fix addressing browser plugin. Plugin now only able to open uPlay application.'

    Well, that was fast.

  7. #17
    Yes, it was but you need to actually start UPLAY in order to get it. At this point all those people who haven't been playing UBI games for a while but have them on disk are still affected. UBI should mail all it's customers to tell them they absolutely must allow this update! The exploit is so easy to use that anyone can use it and you can expect tons of hacks on the web!

    Also, those that install a game from a DVD but postpone updating it will also be at risk (all the DVDs still on store shelves should be replaced).

  8. #18
    Senior Member Compassghost's Avatar
    Join Date
    Feb 2009
    Posts
    2,568
    Quote Originally Posted by kanetsb View Post
    Yes, it was but you need to actually start UPLAY in order to get it. At this point all those people who haven't been playing UBI games for a while but have them on disk are still affected. UBI should mail all it's customers to tell them they absolutely must allow this update! The exploit is so easy to use that anyone can use it and you can expect tons of hacks on the web!

    Also, those that install a game from a DVD but postpone updating it will also be at risk (all the DVDs still on store shelves should be replaced).
    That would only apply if this was in UPlay 1.0 as well, which would be unlikely if it went undetected this long.


  9. #19
    Quote Originally Posted by derfy2 View Post
    uPlay update 2.0.4: 'Fix addressing browser plugin. Plugin now only able to open uPlay application.'
    how do you get that update? i'm still on 2.0.3.

    also, how to disable the plug-in in Internet Explorer? it's not listed among the add-ons.

  10. #20
    wow, nice work

Page 2 of 4 FirstFirst 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •