Skip to main content

Ubisoft moves to rectify DRM after malware attack

Game publisher Ubisoft has already received flack for its games' digital rights management (DRM), which requires an Internet connection to play, and the company has suffered further criticism after its always-connected DRM opened some players to malware.

Ubisoft's Uplay system – which checks that a game is legal, and provides game achievements, multiplayer, and additional content – was found to contain a virus. The company responded quickly, issuing an update the same day the news broke.

Prior to that update, however, game installations were also accompanied by a browser plug-in that allowed any website continued access to and control over a machine without the user's permission, reported.

Ubisoft updated Uplay to the current 2.0.4 version today, and fixed the browser plugin. "Ubisoft takes security issues very seriously, and we will continue to monitor all reports of vulnerabilities within our software and take swift action to resolve such issues," the company said in a statement.

Google information security engineer Tavis Ormandy first discovered the malware while downloading Assassin's Creed: Revelations onto his laptop.

Uplay carries 21 titles, including five Assassin's Creed games, three Tom Clancy games, plus a number of popular titles, "which together will mean potentially hundreds of thousands of PCs are at risk of being exploited," according to

The best way to make the fix, Ubisoft said, is to update the Uplay PC application without a Web browser open to allow the plugin to update correctly. Users can also find a version of the updated installer on