Ubisoft blames coding error for Uplay browser exploit

By Stephany Nunneley
31 July 2012 14:25 GMT

Ubisoft has said yesterday’s Uplay browser plug-in exploit was caused by a “coding error” and that the online service did not include a rootkit.

Speaking with Kotaku, a Ubisoft representative told the site: “The Uplay application has never included a rootkit. The issue was from a browser plug-in that Uplay PC utilizes which suffered from a coding error that allowed unintended access to systems usually used by Ubisoft PC game developers to make their games.

“The browser plugin that we used to launch the application through Uplay was able to take command line arguments that developers used to launch their games while they’re being made. This weakness could allow the application to specify any executable to run, rather than just a game. This means it was possible to launch another program on the machine.”

Yesterday, after the flaw in the system was found, an updated version of the Uplay PC installer with the patch was quickly released by Ubisoft.

Sometimes we include links to online retail stores. If you click on one and make a purchase we may receive a small commission. Read our policy.

VG247 logo

Buy our t-shirts, yeah

They're far more stylish than your average video game website tat.

VG247 merch