Posted on Monday, July 30 2012 @ 17:48 CEST by Thomas De Maesschalck
The Tech Report
writes security researchers discovered that Ubisoft's Uplay DRM software quietly installs a browser plug-in that contains a backdoor. According to the report, all it takes is a maliciously crafted web page to execute arbitrary code on PCs with Ubisoft Uplay:
Tavis Ormandy, one of Google's security engineers, reportedly uncovered the backdoor and wrote about it on the Seclists.org mailing list on Sunday. Ormandy posted a few lines of JavaScript code as a tentative (and untested) proof of concept. The story made it onto Hacker News this morning, as did a working implementation of the proof of concept. According to the Hacker News post, the code was confirmed to work on a PC with Assassin's Creed on a Windows 7 system with Firefox installed. The proof of concept apparently loads up the Windows Calculator.
HackerNews says the following games come with Uplay software and may make users' PCs vulnerable:
Assassin's Creed II
Assassin's Creed: Brotherhood
Assassin's Creed: Project Legacy
Assassin's Creed Revelations
Assassin's Creed III
Beowulf: The Game
Brothers in Arms: Furious 4
Call of Juarez: The Cartel
Driver: San Francisco
Heroes of Might and Magic VI
Just Dance 3
Prince of Persia: The Forgotten Sands
Pure Football
R.U.S.E.
Shaun White Skateboarding
Silent Hunter 5: Battle of the Atlantic
The Settlers 7: Paths to a Kingdom
Tom Clancy's H.A.W.X. 2
Tom Clancy's Ghost Recon: Future Soldier
Tom Clancy's Splinter Cell: Conviction
Your Shape: Fitness Evolved
Details on how to disable the plug-in can be found
at Rock, Paper, Shotgun. The site also mentions that Ubisoft claims it has resolved the issue with Uplay version 2.04.
