Gamers around the world have recently woken up to shocking news regarding their favorite Uplay PC application which left them exposed to a variety of online attacks. The defect can be termed as a ‘rootkit’ which is malicious software (malware) that allows others to run malware on the system which has a rootkit. It is often undetectable and exposes the PC to a variety of attacks.
Hackers often utilize malware to disguise their attacks and steal important information from systems. The flaw was discovered by Tavis Ormandy, an employee of Google, who discovered while setting up the Assassin’s Creed Revelations game on his computer discovered a ‘browser plug-in’ accompanying the ‘Uplay launcher’ which ‘grants unexpectedly wide access to websites’. The fault could enable websites to coerce users who had installed the plug-in to initiate any kind of program on their system.
This flaw could result in information leaks and damages of epic proportions as demonstrated by a security researcher who showed that when a person visited that site, the calculator program was automatically started on the PC. The same defect could have been exploited by many other websites to trace or copy information from the user’s system as well. Ubisoft never accepted the fault as an intentional one and has blamed it as an error. They have acted quickly and generated a patch to repair the fault.
A spokesperson for the company has accepted the error and said that the ‘weakness could allow the application to specify any executable to run, rather than just a game.’ They said that the ‘plug-in had no malicious intent and was not widely exploited.’ Some of the games affected by the error include Assassin’s Creed editions, Just Dance 3, along with titles in the Tom Clancy series. Even the Western-themed FPS game, Call of Juarez editions were also affected by the error. Ubisoft also assured its fans that it takes ‘security issues very seriously’ and will ‘monitor all reports of vulnerabilities’ and ‘take swift action to resolve such issues.’ The error has been detected at an early stage and hence it is expected that the damages would be minimal at this stage.
If you are a user who has installed Uplay on their system, then you can close all browsers opened by the Uplay software and restart it to update it sans the error. You can also visit the Ubisoft website to install the updated version of the same. The replacement of the Uplay version may lead to a loss of achievements and trophies on the system. The error has surfaced at a crucial time when the company is basking in the critical appraisal of its latest launch, Watch Dogs. Now, the concept of the game is all about characters hacking into the system and utilizing it for fulfilling their purpose of finding targets and eliminating them. With such a rootkit discovered in their own software, one wonders whether the gaming company wants to try this technology out for themselves? Anyways, for one, the PC cannot be treated as a personal domain from now on! After all, there are many who are ‘watching’ one’s system now!