Tavis Ormandy – engineer for Google – stumbled upon what seems to be a serious vulnerability in Ubisoft’s DRM system. After purchasing an Ubisoft game, he found out that its Uplay browser plugin may have some security issues as it allows remote and “wide access” to machines running the DRM.
DRM stands for Digital Rights Management and is an essential tool against piracy as it lets developers to control who can copy, install and use their products. However, the DRM system often failed to work properly, thus leading to unwanted side-effects – cause of frustration for legitimate users.
According to Tavis Ormandy, the Uplay DRM system (developed and used by Ubisoft) can make things even worse:
“While on vacation recently I bought a video game called Assassin’s Creed Revelations. I didn’t have much of a chance to play it, but it seems fun so far,” he wrote on the Full Disclosure mailing list yesterday.
“However, I noticed the installation procedure creates a browser plugin for its accompanying Uplay launcher, which grants unexpectedly (at least to me) wide access to websites. I don’t know if it’s by design, but I thought I’d mention it here in case someone else wants to look into it.”
After a day he was back with an update:
“I got it working,” he said.
“I submitted it to Ubisoft via the online form.”
What we understand from this is that hackers can easily take advantage on this vulnerability as soon as they figure it out, opening doors for malicious software, keyloggers, bots, etc.
The list of games using Uplay DRM is extensive; some of the biggest names include the Assassins Creed series, Call of Juarez: The Cartel, Driver: San Francisco, Silent Hunter 5: Battle of the Atlantic, and Tom Clancy games. A full list can be seen here.