Ubisoft DRM is a security risk

[BTAxis]

Someone notified me of this:
http://news.ycombinator.com/item?id=4311264

It seems Ubisoft's Uplay DRM can be used by evildoers to gain access to your computer. I tried it and it does seem legit. Uninstalling the Ubisoft Game Launcher helped though.

[Jams O'Donnell]

Waiting for a reliable news source. I'm skeptical that this is just scaremongering combined with "let's all hate Ubi" bandwagon-jumping.

[BTAxis]

Well like I said I tried that demonstration link they posted. It starts up Uplay, which then starts up calc.exe.

[Revisor]

Hacker News is a very reliable source.
And yes, this is real.

Disable the Uplay plugin(s) in your browser ASAP.

How to disable Uplay in Firefox:
Tools - Add-ons - Plugins - Disable the Uplay and Uplay PC Hub plugins

In Opera:
Settings - Preferences - Advanced - Downloads - Search "Uplay", delete

In Chrome:
Visit about:plugins and disable

To check the vulnerability, visit this page
http://pastehtml.com/view/c6gxl1a79.html

If your browser is vulnerable, Uplay will start and the Windows Calculator will run.

[Kiril]

I installed Ubisoft game launcher, and the link says missing plugin on both chrome and firefox. I can not play any Ubisoft game though. I am going to reinstall Uplay and see if they work.

It might be an easier way for limited bandwidth people to make sure they are safe, and not having to redownload games later

Edit: After a quick check it is only the Uplay or Ubisoft program that needs to be uninstalled. It will save on bandwidth as when this is patched and fixed you can just reinstall Uplay and be fine

Also worth noting, uplay doesn't work when Uplay window is open or when you are not logged in

[Sweedums]

Thanks for these instructions, i wouldn't have known otherwise!

[neema_t]

Good fucking lord.

[Eric]

Kaspersky stomped on the demonstration link for me. I've still removed the Uplay plugin though.

[Patrick Swayze]

Disabled.

Also they should add Anno 2070 to the list of affected games too.

But FFS Ubitard get your act together.

[Kadayi]

I'm skeptical that this is just scaremongering combined with "let's all hate Ubi" bandwagon-jumping.

Pretty much tbh. Have to love Alec basically telling the world to burn everything Ubisoft on the front page over what is at this stage a potential threat (Fox news has nothing on this place when it comes gross exaggeration especially involving either Ubi or EA). Fundamentally unless you're visiting some dodgy websites or clicking on links in emails from complete strangers you're likely safe and undoubtedly Ubi will patch this issue out ASAP. Naturally of course the indignation and handwringing will likely go on for ever. No doubt a few more articles will be squeezed out about it as well.

[Drake Sigar]

I use IE explorer (yeah yeah) and can't find any Uplay plugin...

Edit: Ah, there it is.

[Gorzan]

The indignation is logical, no matter what, this shouldn't have happened on the first time.

[Velko]

Why do they want to install a browser plugin in the first place?

[Kaira-]

Pretty much tbh. Have to love Alec basically telling the world to burn everything Ubisoft on the front page over what is at this stage a potential threat

Remotely accessing your computer and running software on it is quite a big deal, you know.

[E] Without your permission, obviously.

[Edit of an edit]: To expand on your "dodgy websites"-thought: you don't even need to visit dodgy websites. It wasn't that long ago when RPS itself had some dodgy JS-script embedded to the site via ad. One infected ad is all it takes to make a "nondodgy" website a security risk.

[Kadayi]

Remotely accessing your computer and running software on it is quite a big deal, you know.

[E] Without your permission, obviously.

Odds of happening Vs FUD.

[somini]

Well, disabling the plugins in Firefox works for me.
It's most likely that some intern coded this, and now it was discovered that it could be exploited, but I'm all for blowing this out of proportion so that Uplay is finally retired.

[Unaco]

Pretty much tbh. Have to love Alec basically telling the world to burn everything Ubisoft on the front page over what is at this stage a potential threat (Fox news has nothing on this place when it comes gross exaggeration especially involving either Ubi or EA).

Did you read the article? Or just see it was about UBI DRM and this and jump to conclusions? It's actually quite a restrained and measured article, considering. Here's a link, incase you missed it...

http://www.rockpapershotgun.com/2012...soft-pc-games/

An opening like...

"We’re currently investigating the full extent of this, but moralising and recrimination can come later. For now, the important thing is to warn folks who have certain Ubisoft games installed on their PCs that an apparent backdoor has been discovered in the Uplay infrastructure/DRM which may in theory allow any anyone so minded to install God knows what horrors on your PC."

... hardly sounds like Alec is getting the pitchfork mob, does it?

[Kadayi]

Did you read the article?

You mean the one that advocates this?:-

I urge you to uninstall it and any games that use it immediately, until we know more.

It's a web browser plugin. You can disable them. No need to nuke your entire Ubisoft game catalogue from Orbit as he advocates (should we maybe wipe our HDs and reinstall everything as well? Just to be absolutely certain? . Especially given for it to do anything, it is still reliant on you going to a compromised website (specifically orientated to exploit this particular plugins frailties) or clicking on a dodgy email link that does the same. Odds? Not high at this point in time tbh, and certainly not before it's patched out.

Did you read what I wrote? Or just see it was by me and jump to conclusions Unaco?

[Heliocentric]

Hacker News is a very reliable source.
And yes, this is real.

Disable the Uplay plugin(s) in your browser ASAP.

How to disable Uplay in Firefox:
Tools - Add-ons - Plugins - Disable the Uplay and Uplay PC Hub plugins

In Opera:
Settings - Preferences - Advanced - Downloads - Search "Uplay", delete

In Chrome:
Visit about:plugins and disable

To check the vulnerability, visit this page
http://pastehtml.com/view/c6gxl1a79.html

If your browser is vulnerable, Uplay will start and the Windows Calculator will run.

Internet explorer was secure? =LOLZ

[gundato]

kad: That IS a good response. It is like when there are food recalls due to diseases or chinese lead. The news will say something like "Currently, it appears this is limited to Mike Tyson's Chicken Nuggets, but we urge you to dispose of all Mike Tyson chicken products purchased between the dates of X and Y"