UbiSoft patches DRM loophole vulnerability

Posted by Shane McGlaun

UbiSoft has rolled out a patch for its uPlay DRM which reportedly left PCs vulnerable and open to attack from malicious code planted by nefarious websites.

Various reports indicate that the flaw could potentially be exploited via e-mail links, while allowing UbiSoft to remotely monitor a user's machine.

It should be noted that Ubisoft currently sells a number of video games that include the affected DRM software, including some titles in the wildly popular Assassin's Creed franchise.

Fortunately, Ubisoft appears to have taken the issue seriously and, as noted above, has confirmed that it patched the loophole, thereby preventing hackers from accessing computers with uPlay installed.

The fix was issued via a patch that can be downloaded from the uPlay website or via the uPlay application itself.

"We have made a forced patch to correct the flaw in the browser plug-in for the Uplay PC application that was brought to our attention," a spokesperson said.

"We recommend that all Uplay users update their Uplay PC application without a web browser open. This will allow the plug-in to update correctly. An updated version of the Uplay PC installer with the patch also is available from Uplay.com.

"Ubisoft takes security issues very seriously, and we will continue to monitor all reports of vulnerabilities within our software and take swift action to resolve such issues."