Security Hole Shipped With Ubisoft Games Spotted, Fixed

Attackers can reportedly use a bug in the Uplay browser plugin from game publisher Ubisoft to run arbitrary code on the gamer`s PC.

Image credit: Ubisoft

The exploit was discovered by programmer Tavis Ormandy, a Google employee who successfully leveraged the bug in the browser plugin shipped with UPlay (a component that installs along with Ubisoft`s most recent gaming titles).

By simply pointing the browser equipped with the Uplay plugin to a special web page, an attacker can run malware on the user`s PC without any further notification or interaction. This is the exploitation of a feature designed to launch games from an embedded browser control used in a way game creators did not anticipate.

“While on vacation recently I bought a video game called Assassin’s Creed Revelations. I didn’t have much of a chance to play it, but it seems fun so far,“ wrote Ormandy on a security-related mailing list, as quoted by the BBC. “However, I noticed the installation procedure creates a browser plug-in for its accompanying Uplay launcher, which grants unexpectedly (at least to me) wide access to websites.“

Uninstalling the browser add-on will mitigate the issue, but will result in the loss of achievement and trophies. The game maker has already issued an emergency update for UPlay that also prevents the bug.

“We have just released a new patch for Uplay PC, which will update your client to version 2.0.4. This patch corrects a flaw in the browser plug-in that was brought to our attention earlier today,“ wrote Ubisoft on the official forum.

The bug affects extremely popular gaming titles such as the Assassin`s Creed series, Brothers In Arms, Call of Juarez, Driver: San Francisco, or Heroes of Might and Magic VI, among others.