Go Back   TechArena Community > ARENA > Web News & Trends
Become a Member!
Forgot your username/password?
Register Tags Active Topics RSS Search Mark Forums Read

Sponsored Links

Uplay DRM Security Flaw Fixed by Ubisoft

Web News & Trends

Thread Tools Search this Thread
Old 31-07-2012
Join Date: May 2009
Posts: 2,880
Uplay DRM Security Flaw Fixed by Ubisoft

Players who use the online Uplay client, published by Ubisoft, are invited to update the software since the versions previously distributed suffered a security breach to obtain code execution remotely from a single Web page.

Tavis Ormandy, a security researcher at Google, has recently discovered the existence of a major security flaw in the browser extension system participant Uplay, published by Ubisoft and associated with many of its flagship titles.

Uplay is as a software client that serves as an entry point for accessing the user's Ubisoft games. The platform allows the publisher to include valuing the purchase of new games by distributing, via codes, or access to exclusive content. During installation, the executable will also invite uplay.exe within the user's browser via an extension (plugin), allowing the launch of a game directly from a Web page.

Problem that was discovered by Ormandy was, 2.0.3 and earlier versions of the Uplay installer were not limited to permit the execution of a game from the browser. Insufficiently secure, the plugin opened the way for remote code execution without verification.

The case was soon to hit the mainstream on the Web, not without causing its share of harsh criticism. Ubisoft has responded quickly, on Monday, by proposing an update of the Uplay client, now available in version 2.0.4. The players involved have a vested interest to uninstall the version installed on their system prior to updating. They can also disable the plugin automatically associated with their browser via the Extensions menu of the latter.

Reply With Quote
Old 31-07-2012
Join Date: Mar 2005
Posts: 552
Re: Uplay DRM Security Flaw Fixed by Ubisoft

A fault which, if exploited to fraudulently, allows to run any malware, spyware and other viruses hosted on another website. If you have not yet made the upgrade to Uplay 2.0.4 that fixes the flaw in question, it is better to disable the plugin to avoid. The list of games using Uplay on PC is very long and includes the biggest hits like Assassin's Creed series, Prince of Persia series, etc.
Reply With Quote

  TechArena Community > ARENA > Web News & Trends
Tags: , ,

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads for: "Uplay DRM Security Flaw Fixed by Ubisoft"
Thread Thread Starter Forum Replies Last Post
Trouble with simplying a fixed cost/fixed duration project plan stewart AFTS Microsoft Project 3 20-02-2012 07:02 PM
Will there be a siri security flaw in iPhone 4S? bIbEkS Portable Devices 6 11-10-2011 08:40 PM
Security flaw in Media Player Abhibhava Windows Software 5 08-01-2010 12:12 AM

All times are GMT +5.5. The time now is 11:12 PM.