Pinterest Stumbleupon Whatsapp

Exploitable code has been discovered in a browser-plugin installed by some Ubisoft games as part of the Uplay service. The exploit allows malicious websites to remotely install software on a compromised PC without the user’s knowledge.

The exploit is accomplished by tricking the Uplay browser plugin Browser Plugins - One Of The Biggest Security Problems On The Web Today [Opinion] Browser Plugins - One Of The Biggest Security Problems On The Web Today [Opinion] Web browsers have become much more secure and hardened against attack over the years. The big browser security problem these days is browser plugins. I don’t mean the extensions that you install in your browser... Read More into thinking that a given link contains legitimate Uplay code. In theory, this backdoor could be used to infect a computer with any malware desired. There’s no sign of a patch yet, so users need to look out!

Worse still, users who are vulnerable to this exploit may not even know a browser plug-in is installed. I personally fall into this category. Several days ago I installed a copy of Ghost Recon: Future Soldier. Ubisoft did not inform me that it had added a plug-in to my browser, so I was surprised to find that the vulnerable plug-in was installed.

The plug-in appears to install in all major browsers including Opera. You’ll need to go into your browser’s options to find and delete it. It always includes “Uplay” in its title, so it’s at least easy to find. Only Ubisoft games that require the Uplay service have this problem.

So far, there have not been any reported instances of the exploit being used in the wild. The discovery was publicized on Hacker News and has since been widely reported, so attempts to utilize it seem likely. Ubisoft has made an official announcement that informs players how they can fix the exploit.


Source: Rock, Paper, Shotgun

  1. Charlie Player
    August 2, 2012 at 6:17 am

    lol and poor ubisoft...

  2. sabih
    July 31, 2012 at 10:51 pm

    I rarely play the current Ubisoft games. They need to fix this problem.

  3. Alexander Zahn
    July 31, 2012 at 8:07 pm

    Come on Ubisoft!

  4. Jerick Dilla
    July 31, 2012 at 3:18 pm

    Oh Ubisoft... Guess we have to watch out what things these game installations actually install so we can still ensure our safety.

  5. Igor Rizvi?
    July 31, 2012 at 11:58 am

    Wow i had the same addons,thx for posting this!!

Leave a Reply

Your email address will not be published. Required fields are marked *