Thanks, nice to see some level-headedness amongst all of the silly quickfire reactions in here.
You do realize that you don't own the games that you pay money to buy on Steam, and that they can be taken from you at anytime, right?
People are exaggerating. Uplay just installs a web browser plug-in that has poor security standards. There's nothing to suggest it can be used to alter protected Windows processes or Ubisoft games. You want to fix this? Disable the plug-in in your browser. Done. People talking about reformatting their PCs are making me facepalm. This is more down to incompetence than malicious intent, and I don't expect competence from Ubisoft.
The exploit enables root access and remote code execution, in various shapes and sizes. It's easy to disable, but doesn't change the fact that by default, millions of PCs right now are vulnerable to getting fucked. If Ubisoft is fast enough, the real world damage will be minimal, aside from consumer confidence, but this isn't as innocent as you make it out to be. Added your fix to the OP.
No. No DRM at all would be lovely. Valve worship is something I don't get. Great company, but the worship is not needed.
To be fair, as I said before, Ubisoft does treat PC gamers like shit regarding DRM, so the "quickfire reactions" are understandable. I don't get the comments about having to reinstall/format Windows.
A "No DRM" future is nothing but delusional. Since copy protection isn't suddenly to vanish, it makes more sense to praise DRM done right than complaining about every DRM like an narrow-minded grandpa.
GOG seems to do ok without it
So this thing gives elevated access to windows?
Are folks who have the Steam version of Anno safe from this? Asking cause I'm a nosy meddler. ^_^
Reinstalling/formatting is the default internet response to PC troubleshooting and its a thing that really needs to stop.
So this thing gives elevated access to windows?
You do realize that you don't own the games that you pay money to buy on Steam, and that they can be taken from you at anytime, right?
Yes, all that hard work for you when other people are re-installing.
Yeah, if by "okay", you mean trying to sue the fuck out of the planet.
Oh hey, you edited that darn quickly.
Besides, your claim is not really clear cut. EU probably will have something to say about that.
GOG seems to do ok without it
Assuming Windows 7 or Vista, how does it give elevated access to Windows if the Uplay application isn't configured to run with admin rights? I thought UAC was designed to prevent that exact situation.Yeah, the original post is just a proof of concept. Like I said, hopefully Ubisoft reacts quickly, before someone start tweeting "New Ass Creed 3 trailer!! *malicious link*" and people get screwed.
There's a reason why publishers don't put their most recent games on the service.
There's a reason why publishers don't put their most recent games on the service.
There's a reason why publishers don't put their most recent games on the service.
Yes, all that hard work for you when other people are re-installing.
You do realize that you don't own the games that you pay money to buy on Steam, and that they can be taken from you at anytime, right?
This plug-in is technically a rootkit since it allows privileged access at will.
Definition:
"A rootkit is a stealthy type of malicious software (malware) designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer."
It might not be he stealthiest, but it's not obvious. Hijack this can also detect Uplay. *Shrug*
I could understand a small delay (week or so) for the DRM free versions to come out (due to trying to stop day one piracy), but leaving heavy DRM on games months or years after they have been cracked hurts no one bar the people buying the damn game.
No, a rootkit acts as a filter between the kernel and user mode programs, hiding anything it does not want you to see.
"... a recent decision to ban a user account has reminded us all we dont technically own the games bought through the service. If your account is banned, you cant login and play your games. All that money you spent on tens, or even hundreds of titles doesnt count for anything."
http://www.geek.com/articles/games/steam-proves-we-dont-own-the-games-we-buy-2012021/
That being said, installing a "sudo" plugin in everybody's browser without any security validation (if I understand correctly what this is about) would be hilarious if it wasn't that tragic. But gamers are gamers, they forgave sony, they'll forgive ubisoft too, and they'll never learn.
Re-installing isn't a fix, its a work around. It doesn't make sure the same fault won't return. Trouble shooting it and adressing it correctly prevents the same issue arrising.
So how can I disable the plug-in on Chrome?
That was back in February. The EU Court's decision last month supersedes it, at least in the EU."... a recent decision to ban a user account has reminded us all we dont technically own the games bought through the service. If your account is banned, you cant login and play your games. All that money you spent on tens, or even hundreds of titles doesnt count for anything."
http://www.geek.com/articles/games/s...e-buy-2012021/
did you read the OP? =/