Ubisoft patches uPlay exploit
Ubisoft "takes security issues very seriously"
French publisher Ubisoft, which earlier today came under fire for a rather ghastly exploit within the uPlay system, has confirmed a fix for the potentially devastating security flaw that could allow a website to remotely take control of a user's PC.
The exploit, which would allow a hacker to view files on a personal computer accessed through Ubisoft's uPlay service, has caused a stir among the hacking community for how dangerous it could have gotten. Essentially, Ubisoft's uPlay service acts as a gate to launch games on the PC through a web browser. With the exploit, the service could be used to open any file on the computer.
With a fix, Ubisoft has stated that "We have made a forced patch to correct the flaw in the browser plug-in for the uPlay PC application that was brought to our attention earlier today."
"We recommend that all uPlay users update their uPlay PC application without a Web browser open. This will allow the plug-in to update correctly. An updated version of the uPlay PC installer with the patch also is available from uPlay.com."
Ubisoft added that it "takes security issues very seriously, and we will continue to monitor all reports of vulnerabilities within our software and take swift action to resolve such issues."
Thus far there has been no word on how many, if any, users were affected by this exploit as Ubisoft has not commented on the matter further.