Ormandy discovered the flaw in the PC version of Assassin's Creed Revelations, though it's reasonable to assume it would appear in all of Ubisoft's UPlay enabled PC titles.
The upshot of this, according to TechDirt, is that the exploit could allow any website – i.e. "bad websites" – access to your computer. Both Joystiq and Engadget have contacted Ubisoft to confirm the flaw. In the meantime, you may want to disable the UPlay browser plugin.
Update: Ubisoft has made a statement on the issue, reports RPS. The company has acknowledged the flaw and has made a "forced patch" to resolve the issue. The company recommends that "all Uplay users update their Uplay PC application without a Web browser open," which will "allow the plug-in to update correctly." The UPlay PC installer has also been updated to include the patch, and is available via the UPlay website.