Ubisoft Uplay DRM Found To Include a Rootkit

An anonymous reader writes "It has been discovered that the Uplay system Ubisoft uses to both check a game is legal and offer up gaming achievements, multiplayer, and additional content, actually contains a rootkit. The discovery was made by Tavis Ormandy, an information security engineer at Google, when he installed Assassin's Creed: Revelations on his laptop. He noticed that during the installation Uplay installed a browser plug-in that allows any website to gain access to your machine through a backdoor and take control of it.The plug-in can be classed as a rootkit because it is thought to allow continued privileged access to a machine without a user's consent."
Update: Ubisoft has released a statement saying it has issued a forced patch to correct the flaw in the browser plug-in for the Uplay PC application.

Re:Enough with giving Windows a pass

You think a backdoor couldn't be installed on Linux?

Read what I said. I said that using the term root kit was inappropriate terminology when you are talking about Windows. Windows doesn't have a root user by default and won't have one period unless you specifically create one which is out of the scope of the discussion entirely. When you use generic terms to refer to something that has implicit specificity 99.99999 percent of the time, it is misleading. Note the fact that you yourself point out the flaw in the semantics by using the real generic term "backdoor" which if we are talking about the risk as it relates to all platforms is appropriate. The summary uses the specific term root which applies to a lot of platforms with the specific exception of the one that is actually under discussion. Then you use the generic term to defend the mistake. Irony.