Hacker Claims Ubisoft "Uplay" DRM Is A Rootkit And Poses Security RiskThe “Uplay” Digital rights Management (DRM) software that is bundled into almost every game published by Ubisoft for the PC is a rootkit and poses a serious security risk, claims Tavis Ormandy, an Information Security Engineer at Google.
A rootkit is a piece of malicious software (otherwise known as malware) that is designed to hide the existence of certain processes or programs from normal methods of detection and allow the software to have access to a system.
According to Ormandy, the “Uplay” software installs a browser plugin that allows websites to run code on the any PC running the plugin. This plugin is an ActiveX component and as such will only run in Internet Explorer.
The claim was made by Ormandy on a security mailing list called Full Disclosure.
Your silly post reminded me of something, while on vacation recently I bought a video game called “Assassin’s Creed Revelations”. I didn’t have much of a chance to play it, but it seems fun so far. However, I noticed the installation procedure creates a browser plugin for it’s accompanying uplay launcher, which grants unexpectedly (at least to me) wide access to websites.
Ormandy has also published code that he claims will allow this rootkit to be used to run programs on systems.Ubisoft titles affected by this include Assassin’s Creed II, Assassin’s Creed Revelations, Silent Hunter 5: Battle of the Atlantic, and Tom Clancy’s Splinter Cell: Conviction.
