UPDATED: Ubisoft DRM loophole allows remote hackers to access PCs

A potentially very serious issue with the PC DRM employed by Ubisoft seems to have left many gamers susceptible to hackers.

Rock Paper Shotgun reports that a problem with the Uplay/DRM infrastructure of a number of Ubisoft titles that allows websites to plant potentially malicious code onto the PCs of any visitors who have Uplay installed on their machines.

An attack using this method could easily be orchestrated by an email link. There have also been suggestions that the issue could in theory allow Ubisoft to omitor user’s machines.

This would be a serious breach of trust for any publishers, but for Ubisoft it’s a particularly damning blow. The company has already been beset with high-profile protests against its DRM, which can leave users unable to access single-player titles if technical problems occur.

This latest saga will certainly not help its case.

RPS is urging any gamers who have the following titles installed on their machine to uninstall both them and the Uplay applications as soon as possible. Here’s the list of games that are believed to be affected:

Assassin’s Creed II
Assassin’s Creed: Brotherhood
Assassin’s Creed: Project Legacy
Assassin’s Creed Revelations
Assassin’s Creed III
Beowulf: The Game
Brothers in Arms: Furious 4
Call of Juarez: The Cartel
Driver: San Francisco
Heroes of Might and Magic VI
Just Dance 3
Prince of Persia: The Forgotten Sands
Pure Football
Shaun White Skateboarding
Silent Hunter 5: Battle of the Atlantic
The Settlers 7: Paths to a Kingdom
Tom Clancy’s H.A.W.X. 2
Tom Clancy’s Ghost Recon: Future Soldier
Tom Clancy’s Splinter Cell: Conviction
Your Shape: Fitness Evolved

UPDATE: RPS now reports that the problem is with a browser plugin that Uplay places onto a user’s machine when it is installed. Removing this plugin prevents the issue from occurring.

About MCV Staff

Check Also

Iwinski Cyberpunk 2077 CDPR

CD Projekt Red’s Iwinski apologises and gives limited insight into Cyberpunk 2077 launch issues

Streaming in data for the dense open world city is the key culprit