Ubisoft games security risk!

Apparently Uplay installs a plugin on your web browser that has a huge security risk. ThisRPS article lists affected games and how to disable the plugin on Chrome, Firefox and Opera.

Interestingly enough I have a few of those said games installed and don't have the Chrome plugin. Either way this is ****ing ludicrous. skrat_01

chrome://plugins/

It's also odd they didn't mention Anno 2070... I have that installed and it uses Uplay. Got the news while on the bus today so can't check if I have the plugin or not... I'm guessing I do.

I have Anno 2070 and I've this plugin in my FF and Chrome too. I'm surprised to see there are other plugin like Yahoo, Nvidia, Pando and whatnot installed without my permission (or maybe because I can't be arsed to read long boring T&A).

[QUOTE="skrat_01"]Interestingly enough I have a few of those said games installed and don't have the Chrome plugin. Either way this is ****ing ludicrous. trastamad03

chrome://plugins/

It's also odd they didn't mention Anno 2070... I have that installed and it uses Uplay. Got the news while on the bus today so can't check if I have the plugin or not... I'm guessing I do.

Thankfully I dont have any ubi games on my PC, but this is bullsh*t all the same. would not be surprised if they hid this in the TOS or ELUA that are so long that nobody in their right mind would read. hopefully this comes to light and damaged ubi.

if this is true i'll be playing any future ubisoft games on the xbox.

bad enough splinter cell conviction kept chucking me out of the game back to the desktop; now i find out us paying customers have been rewarded with a nice security exploit too. awesome

[QUOTE="trastamad03"]

[QUOTE="skrat_01"]Interestingly enough I have a few of those said games installed and don't have the Chrome plugin. Either way this is ****ing ludicrous. skrat_01

chrome://plugins/

It's also odd they didn't mention Anno 2070... I have that installed and it uses Uplay. Got the news while on the bus today so can't check if I have the plugin or not... I'm guessing I do.

I have Heroes of M&M installed. Checked plugins and there they were. Disabled now. Thanks for the news TC.

It was fixed.

if this is true i'll be playing any future ubisoft games on the xbox.

Macutchi

But are you still using Steam?

Valve has fixed a man-in-the-middle vulnerability in the Windows Steam client, which would have allowed a correctly-positioned attacker to divert and decrypt HTTPS traffic without the victim's knowledge. This made sensitive payment details, such as PayPal credentials, vulnerable to eavesdropping.

---------------

The way Steam handles authorisation is with a cookie named steamLogin, however when a user signs out the token is not destroyed. That would be bad enough however, the same token is used in subsequent logins.

Steam handles credit card information and allows you to store it server-side. Thus if a malicious user gained a copy of someones cookie, they could make charges to an already registered credit card and max it out very easily.

Thanks for the info, glad Anno is not affected

Wonder if that has anything to do with the fact after it installed for me I had like 40 trojan pop ups.

I've had ubi blacklisted for years now, since ac2 and on- that's when their 'always online drm even for sp' started- and I'm a single player. THeir drm gets worse and worse, I see I was right to do so. They've lost a lot of money over the years, I"m hardly the only one not giving them a dime while they're like this.

I've had ubi blacklisted for years now, since ac2 and on- that's when their 'always online drm even for sp' started- and I'm a single player. THeir drm gets worse and worse, I see I was right to do so. They've lost a lot of money over the years, I"m hardly the only one not giving them a dime while they're like this.

Tidal_Abyss

They fixed the problem the day after people noticed it.
They've also patched the always-online DRM out of their major titles, and their most recent games haven't used that at all.

So...I don't think it's fair to say that it's getting worse and worse. Ubisoft does actually seem to be trying to listen and improve - it's just that the mindless gaming horde will villify them no matter what they do.