Sections

Report: Ubisoft DRM rootkit may allow access to PC files

Monday, 30th July 2012 11:23 GMT By Dave Cook

Ubisoft’s DRM stance has had gamers riled up before, but a new discovery today, which suggests the developer’s Uplay system may include a rootkit that potentially opens up your PC’s contents to the world, has the potential to create more than a little annoyance.

According to Geek, Google information security engineer Tavis Ormandy discovered the potential issue after installing Assassin’s Creed: Revelations on his PC.

Ormandy noticed that Uplay installed a web browser plug-in that could theoretically grant access to your PC’s files. The install could make access possible via a backdoor from any website, and is said to come packaged with as many as 21 Ubisoft PC titles.

Here is the full list of potential ‘at-risk’ titles:

  • Assassin’s Creed II
  • Assassin’s Creed: Brotherhood
  • Assassin’s Creed: Project Legacy
  • Assassin’s Creed Revelations
  • Assassin’s Creed III
  • Beowulf: The Game
  • Brothers in Arms: Furious 4
  • Call of Juarez: The Cartel
  • Driver: San Francisco
  • Heroes of Might and Magic VI
  • Just Dance 3
  • Prince of Persia: The Forgotten Sands
  • Pure Football
  • R.U.S.E.
  • Shaun White Skateboarding
  • Silent Hunter 5: Battle of the Atlantic
  • The Settlers 7: Paths to a Kingdom
  • Tom Clancy’s H.A.W.X. 2
  • Tom Clancy’s Ghost Recon: Future Soldier
  • Tom Clancy’s Splinter Cell: Conviction
  • Your Shape: Fitness Evolved

The rootkit could enable, theoretically, continual access to your PC – as well as the option to control it – without your consent.

Typically, Uplay is a way for Ubisoft to check the legality of your game, track achievements, update leaderboards and other features.

However, if Ormandy’s findings are on the money, the potential rootkit issue could turn Uplay into a security concern.

Rock, Paper Shotgun has run a tutorial on how to disable the Uplay rootkit issue. Check it out right here.

We’re asking Ubisoft for comment now.

Latest

14 Comments

  1. Fin

    “potential” “theoretically” “could” “could” “theoretically” “potential” “could”

    Hm

    #1 2 years ago
  2. Dave Cook

    @1 Yeah man, we have to be VERY careful with allegations like this.

    #2 2 years ago
  3. Giskard

    @1 Einstein said those words about relativity. See how wrong he was!

    #3 2 years ago
  4. absolutezero

    Whats shocked me is that its taken this long to find out that Uplay is this bad and broken.

    #4 2 years ago
  5. Maximum Payne

    I am not in Danger Ubisoft,
    I AM THE DANGER!.

    Funny how some of those games aren’t release yet.

    #5 2 years ago
  6. GrimRita

    Maybe its time Ubi got off their moral high horse and pissed off, if this is all true.

    What is going on with publishers of late wanting to ‘spy’ on what their consumers are doing. Either way, I am ok, I dont purchase their shit any way

    #6 2 years ago
  7. DSB

    I am Jack’s complete lack of surprise.

    Ubisoft just doesn’t want to make the kind of money on the PC that everybody else does. How can you spend a pile of money on a DRM client that loses you most of your audience otherwise?

    #7 2 years ago
  8. Kristian

    This just re-affirms my boycott of them. The only Ubisoft PC games I have bought, have been from gog.com.

    #8 2 years ago
  9. TheWulf

    I haven’t bought a Ubisoft game in forever.

    Slightly smug about that, now.

    And rootkits are always a danger. It seems that no one hear remembers the Sony one. And people just aren’t well educated enough to actually be worried about them. Rootkits are trouble.

    But hey, wallow in your ignorance, rejoice in your unknowing bliss, yeah? Don’t mind me.

    And by this I mean: READ UP ON IT. I’m going to feel bad if I didn’t at least do something to get you bloody all too trusting goons to actually research the matter at hand.

    You are on the Internet, you have knowledge at your fingertips. Read.

    #9 2 years ago
  10. absolutezero

    Slightly smug.

    Oh you.

    #10 2 years ago
  11. Giskard

    @10 +1

    #11 2 years ago
  12. Gadzooks!

    I enjoy it when self satisfied preaching slimeballs pack thier ‘opinions’ in thier asses and leave for places where the residents actually enjoy being condescended to.

    If you dont agree with my opinion then you are a baby eating ogre with bad breath and really pronounced armpit sweat stains.

    Pure, uncut fact.

    #12 2 years ago
  13. Talkar

    Technically it isn’t a rootkit. A rootkit tries to hide itself or any other programs. If anything it is more of a browser extension exploit providing a back door. It is still extremely bad, but it isn’t exactly a root kit like sony’s DRM was…

    #13 2 years ago
  14. Patrick Garratt

    http://www.vg247.com/2012/07/30/ubisoft-issues-uplay-security-statement/

    #14 2 years ago

Comments are now closed on this article.