Update: It looks as though Ubisoft has responded quickly to this issue and a Uplay update has already been released. As the screenshot below shows, the browser plug-in will no longer allow access to anything other than the Uplay application. Even so, this was a major oversight on Ubisoft?s part and I doubt this is the last we?ll hear of it.
Ubisoft is one publisher that has fully embraced the use of always-connected DRM in its games. They believe this cuts down of piracy, but at the same time it frustrates gamers who legitimately purchase Ubisoft titles because without a reliable Internet connection they can?t play the game they have bought.
Those same gamers may have another reason to get very angry with Ubisoft today. It has been discovered that the Uplay system Ubisoft uses to both check a game is legal and offer up gaming achievements, multiplayer, and additional content, actually contains a rootkit.
The discovery was made by Tavis Ormandy, and information security engineer at Google, when he installed Assassin?s Creed: Revelations on his laptop. He noticed that during the installation Uplay installed a browser plug-in that allows any website to gain access to your machine through a backdoor and take control of it.
The plug-in can be classed as a rootkit because it is thought to allow continued privileged access to a machine without a user?s consent. If this was limited just to the Uplay service with regard to checking games are legal it would still be a major concern, but the fact any website could potentially use the plugin escalates the seriousness of what is happening here.
The rootkit was only disclosed yesterday, so it?s unlikely anyone at Ubisoft has had time to look into the claims. What?s worrying in the number of games this affects due to their use of Uplay. In total there are 21 titles including 5 Assassin?s Creed games, 3 Tom Clancy games, as well as popular titles such as Driver: San Francisco, and Settlers 7, which together will mean potentially hundreds of thousands of PCs are at risk of being exploited.
We?ll keep an eye out for Ubisoft responding to the rootkit claims and let you know what they say. If they have been installing rootkits then we could see a backlash on the same scale as Sony faced back when it shipped a rootkit on music CDs a few years ago.
More at Seclists.org and discussion at HN
Source: http://www.geek.com/articles/games/ubisoft-uplay-drm-found-to-include-a-rootkit-20120730/
famu martina mcbride terry jones andy reid elf on the shelf elf on the shelf 2012 grammy nominations
কোন মন্তব্য নেই:
একটি মন্তব্য পোস্ট করুন