Report: Ubisoft DRM rootkit may allow access to PC files

Monday, 30 July 2012 11:23 GMT By Dave Cook

Ubisoft’s DRM stance has had gamers riled up before, but a new discovery today, which suggests the developer’s Uplay system may include a rootkit that potentially opens up your PC’s contents to the world, has the potential to create more than a little annoyance.

According to Geek, Google information security engineer Tavis Ormandy discovered the potential issue after installing Assassin’s Creed: Revelations on his PC.

Ormandy noticed that Uplay installed a web browser plug-in that could theoretically grant access to your PC’s files. The install could make access possible via a backdoor from any website, and is said to come packaged with as many as 21 Ubisoft PC titles.

Here is the full list of potential ‘at-risk’ titles:

  • Assassin’s Creed II
  • Assassin’s Creed: Brotherhood
  • Assassin’s Creed: Project Legacy
  • Assassin’s Creed Revelations
  • Assassin’s Creed III
  • Beowulf: The Game
  • Brothers in Arms: Furious 4
  • Call of Juarez: The Cartel
  • Driver: San Francisco
  • Heroes of Might and Magic VI
  • Just Dance 3
  • Prince of Persia: The Forgotten Sands
  • Pure Football
  • R.U.S.E.
  • Shaun White Skateboarding
  • Silent Hunter 5: Battle of the Atlantic
  • The Settlers 7: Paths to a Kingdom
  • Tom Clancy’s H.A.W.X. 2
  • Tom Clancy’s Ghost Recon: Future Soldier
  • Tom Clancy’s Splinter Cell: Conviction
  • Your Shape: Fitness Evolved

The rootkit could enable, theoretically, continual access to your PC – as well as the option to control it – without your consent.

Typically, Uplay is a way for Ubisoft to check the legality of your game, track achievements, update leaderboards and other features.

However, if Ormandy’s findings are on the money, the potential rootkit issue could turn Uplay into a security concern.

Rock, Paper Shotgun has run a tutorial on how to disable the Uplay rootkit issue. Check it out right here.

We’re asking Ubisoft for comment now.

Latest