Tuesday, 31 July 2012 09:04

Ubisoft Denies UPlay Is A Rookit, Fixes The Exploit With A Patch

Written by
Rate this item
(0 votes)

Reading time is around minutes.

Ubisoft has responded to the claims that its UPlay DRM software is a rootkit that enabled them (and anyone else) to install arbitrary code on systems that it was installed on. The original claim was from developer Travis Ormandy who posted the issue on pastebin and also showed the vulnerability working with a website specially crafted to take advantage of the exploit he found. Ormandy likened the issue to Sony’s famous screw up with their BMG DRM that was in actuality a rootkit and caused the recall of quite a bit of Sony games.

Ubisoft now claims they have patched the bug and all is good as long as people upgrade to the latest version of UPlay (Version 2.0.4). This means that when you buy that brand new Ubisoft game from the store you will need to upgrade the game and the DRM to make sure you are good to go. Ubisoft maintains that this issue was not a rootkit and never was one. Considering that the issue could be mitigated by disabling two browser plug-ins we have to agree with them here. Having dealt with a number of rootkits they are much harder to remove from a system than this.

Still the issue should not have been there and shows a common problem in IT and software development. This is a tendency not to check to make sure you are not building in exploits when you put together a system. The five lines of code in the UPlay plug-in allowed anyone to launch whatever they wanted. Ubisoft left them open intentionally because they were looking to make things easier for developers to work with their DRM tools. Unfortunately leaving these lines in allowed people to use the same command line arguments to launch what they wanted including malicious code. It was a bit of laziness on the part of Ubisoft which has opened a significant number of computers to potential attack.

Ubisoft now faces an issue that many companies face; getting people to actually install the patch. Ubisoft might have fixed the issue, but as we have seen in the past not everyone rushes to put the fix in place. It is a very common trend for people not to run updates and patches because they do not want to take the time to do so. Many companies have had this issue long before Ubisoft (how many of you have multiple updates waiting on your phone, tablets, or even desktops?) and the issue will remain a long time after this one. What Ubisoft might need to do is take advantage of their own exploit to push this one out to anyone launching UPlay just to be sure they hit the whole user base; or they could scrap the whole idea of always on DRM and find a better way to get things done. After all as studies have shown, DRM only affects and hinders legitimate consumers and has almost no effect on piracy.

Discuss this in our Forum

Read 2286 times Last modified on Tuesday, 31 July 2012 11:01

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.