Game developer Ubisoft is advising customers to update their systems following the discovery of a high-profile security vulnerability in the company's Uplay games tool.
Researcher Tavis Ormandy first spotted the flaw, which could potentially allow a third-party to exploit the uPlay service to run arbitrary and potentially malicious applications.
"I noticed the installation procedure creates a browser plugin for its accompanying Uplay launcher, which grants unexpectedly (at least to me) wide access to websites," Ormandy said in a post to the Full Disclosure security list.
"I don't know if it's by design, but I thought I'd mention it here in case someone else wants to look into it."
While the flaw was originally speculated to be related to a potential digital rights management (DRM) rootkit issued by the company, Ubisoft soon confirmed that the issue was in fact due to a "coding error" in the Uplay browser plug-in.
"The issue was brought to our attention early Monday morning and we had a fix into our QC department an hour and a half later," Ubisoft said in a statement provided to V3.
"An automatic patch was launched that fixes the browser plugin so that it will only open the Uplay application."
The company said that to patch their systems users should close any open web browsers and then launch the Uplay client software. An update which patches the vulnerable components should automatically begin.
While gaming applications have not conventionally been considered enterprise security risks, the rise in consumerisation has forced administrators to address the use of social networking and gaming platforms on IT infrastructure.
Found by calculating the strength of the material deep inside the crust of neutron stars
Can highlight in real-time the relevant regions of an image being described
Double legal trouble for Musk as he also faces civil lawsuit over renewed British pot-holer 'paedo' claims
Battery development could help boost performance of smartphones