Tuesday, July 31, 2012

Ubisoft UPlay may accidentally contain web plugin exploit, Ezio would not approve

Assassin's Creed 2 - Ezio Auditore da Firenze

If you've played Assassin's Creed 2 (or other Ubisoft games), you may have installed more stealthy infiltration than you bargained for. Some snooping by Tavis Ormandy around Ubisoft's UPlay looks to have have discovered that the service's browser plugin, meant to launch locally-stored games from the web, doesn't have a filter for what websites can use it -- in other words, it may well be open season for any maliciously-coded page that wants direct access to the computer. Closing the purported, accidental backdoor exploit is thankfully as easy as disabling the plugin, but it could be another knock against the internet integration from a company that doesn't have a great reputation for online security with its copy protection system. We've reached out to Ubisoft to confirm the flaw and learn what the solution may be, if it's needed. For now, we'd definitely turn that plugin off and continue the adventures of Ezio Auditore da Firenze through a desktop shortcut instead.

Filed under: ,

Ubisoft UPlay may accidentally contain web plugin exploit, Ezio would not approve originally appeared on Engadget on Mon, 30 Jul 2012 10:02:00 EDT. Please see our terms for use of feeds.

Permalink TechDirt  |  sourceSeclists.org  | Email this | Comments

Source: http://www.engadget.com/2012/07/30/ubisoft-uplay-accidentally-contains-web-plugin-exploit/

shaka smart hungergames bagpipes aspirin aspirin 21 jump street illinois primary results

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.