Yesterday we told you about another problem in the Ubisoft DRM model, where it was revealed that due to a bad browser plug-in from their Uplay service could leave your computer vulnerable to attack, where it gave an attacker the ability to make your computer run any sort of executable that they wanted. The issue was discovered over the weekend by hackers who proceeded to go public with the information, and luckily for many Ubisoft customers the company patched up the hole in a short amount of time. In fact, for some people, including myself, the fix was almost a little too quick…
It’s because of the seriousness of the security hole that many people are saying that Ubisoft intentionally installed what is called a rootkit into the Uplay software. For those of you who don’t know, a rootkit basically allows an outsider user to access the core directories of your system without your knowledge. It’s a bad piece of malware, one that you never want to have on your system if you can help it. Now Ubisoft has come out and claimed in an official statement that “The issue is not a rootkit”.
I’m not so sure I believe them. When it came to the actions that they took, Ubisoft claimed that the issue was brought to their attention Monday morning and that they had a fix from their QC department an hour and a half later. If it took only an hour and a half to fix it in the first place, then why wasn’t it caught when it was first being developed? How were they able to find the “broken” code and fix it in an hour and a half and make sure it was working perfectly? This just doesn’t add up to me. I’m going to have to side with the conspiracy theorists on this one, and say that Ubisoft had this fix made months ago so that when somebody finally discovered the rootkit they would be able to “fix” it in a timely fashion. That’s bad form, Ubisoft, bad form.