Recently, a security flaw in Ubisoft’s anti-piracy system Uplay lead hackers to user’s system files via game launcher. The flaw was being attributed to ‘rootkit‘ which actually is a sort of malware that can give an outsider access to system’s root files. Ubisoft however, has denied the relation and a coding error in a browser plugin is told to be the real culprit:
The issue is not a rootkit. The Uplay application has never included a rootkit. The issue was from a browser plug-in that Uplay PC utilizes which suffered from a coding error that allowed unintended access to systems usually used by Ubisoft PC game developers to make their games
The publisher claims that no harm has been done in the accident and they will keep on looking into the issue to make sure that everything remains secured:
The issue was brought to our attention early Monday morning and we had a fix into our QC department an hour and a half later. An automatic patch was launched that fixes the browser plugin so that it will only open the Uplay application. Ubisoft takes security issues very seriously, and we will continue to monitor all reports of vulnerabilities within our software and take swift action to resolve such issues.
Being a user, you should immediately update the Uplay tool according to the provided guidelines:
We recommend that all uPlay users update their uPlay PC application without a Web browser open. This will allow the plug-in to update correctly. An updated version of the uPlay PC installer with the patch also is available from uPlay.com