Yesterday, Ubisoft made headlines when it was discovered that its UPlay service had a pretty big security hole that could allow malicious websites to access users' computers. The good news is that Ubisoft has issued a patch for the issue (and managed to do that rather quickly), but the bad news is just starting for the French publisher, which is already on thin ice with PC players thanks to its fondness of always-on DRM. Indeed, this security issue wouldn't been as big of a problem if Ubisoft didn't require players to run UPlay alongside many of its games, including most Assassin's Creed titles and a few games in the Tom Clancy franchise.
Today Ubisoft spoke out about the vulnerability and the patch itself, telling gamers that it takes security seriously and will be monitoring new reports as we begin to move away from this embarrassing blunder. "We have made a forced patch to correct the flaw in the browser plug-in for the UPlay PC application that was brought to our attention," a spokesperson for the company said. "Ubisoft takes security issues very seriously, and we will continue to monitor all reports of vulnerabilities within our software and take swift action to resolve such issues."
In order to ensure that the plug-in is updated correctly, Ubisoft suggests that players install the UPlay update without a browser window open. Alternatively, an updated version of the installer is available from the UPlay website, and comes complete with this new patch. Hopefully this fix solves the issue for good, but even if it does, we can't imagine that gamers will be willing to forgive and forget as quickly as Ubisoft would prefer.
Sadly, this probably won't do much to get Ubisoft to reconsider its use of always-on DRM. Ubisoft is a company that has major problems with PC piracy, and investors want that rampant piracy reined in, regardless of the hassle it may cause paying customers. It's an understandable position, but it still isn't hard to crack a smile when always-on DRM keeps shooting itself in the foot like this.