Ubisoft has caught a lot of flak from PC gamers over their uPlay system, online-authentication DRM that most recently came to attention for being unavailable at exactly the wrong time.
https://lastchance.cc/ubisofts-uplay-is-down-for-everyone-not-just-you-5926143%3C/a%3E%3C/p%3E
As it now turns out, uPlay is not only inconvenient to gamers, but it also comes with an insecure, exploitable browser plugin. Rock Paper Shotgun reports that the browser extension has a big fat hole in it that allows remote users to access and exploit a system. Malicious users can then install programs, or open, access, and delete files already on the PC.
Happily, as the exploit is in a browser extension, it’s pretty simple for most PC gamers to disable on their own:
Firefox: Tools – Add-ons – Plugins – Disable the Uplay and Uplay PC Hub plugins
Chrome: Visit about:plugins and disable
Opera: Settings – Preferences – Advanced – Downloads – Search “Uplay”, delete
And for those using Internet Explorer, Microsoft has detailed instructions on how to disable browser add-ons.
Players who have ever installed an Ubisoft game on their PC may want to double-check their browsers to look for and disable the uPlay extensions until a fix is announced.
Update: Ubisoft has released a patch. They recommend all users either update their uPlay client without a browser open, or download the new, patch-included version of the client from uplay.com.
Warning: Big Security Risk In Some Ubisoft PC Games [Rock, Paper, Shotgun]
