Ubisoft’s DRM broken and fixed again
Earlier today, news broke that Ubisoft’s Uplay DRM system contained a major security hole.
Google information security engineer Tavis Ormandy installed a copy of Assassin’s Creed: Revelations on his PC and noticed Uplay installed a web browser plugin that – upon further investigation – turned out to theoretically make it possible for malicious websites to get access to the files on your PC.
Since the “bug” became public knowledge, Ubisoft has been quick to release a patch that fixes the issue and they’ve also sent out the following statement:
“We have made a forced patch to correct the flaw in the browser plug-in for the Uplay PC application that was brought to our attention earlier today. We recommend that all Uplay users update their Uplay PC application without a Web browser open. This will allow the plug-in to update correctly”.
“An updated version of the Uplay PC installer with the patch also is available from Uplay.com”
“Ubisoft takes security issues very seriously, and we will continue to monitor all reports of vulnerabilities within our software and take swift action to resolve such issues.”
Do we like always-on DRM? Hell no!