What is asus live update utility
Kaspersky also found evidence connecting the methods used during Operation ShadowHammer with the ones utilized in the attack against CCleaner and in the ShadowPad supply chain attack from 2017 that impacted NetSarang.

Also, as detailed by GReAT, the threat actor behind the latter was already identified as BARIUM - known users of the Winnti backdoor - by Microsoft, ESET, and other security researchers.
The malicious supply chain campaign was dubbed Operation ShadowHammer by GReAT and, as initially reported by Kim Zetter, it supposedly led to the backdoored version of ASUS Live Update being downloaded and installed on the computers of more than 57,000 Kaspersky users.
Yesterday, Kaspersky Lab announced that its Global Research and Analysis (GReAT) team detected a new APT campaign in January 2019, estimated to have run between June and November 2018, allegedly impacting over one million users who have downloaded the ASUS Live Update Utility on their computers.

The user can perform various actions related to the motherboard and BIOS software: create a backup, change settings or update it.
[Figure: ShadowHammer victim distribution according to Kaspersky]

If your computer is based on an ASUS motherboard, the best way to keep BIOS software up to date is using the official application by ASUS: ASUS Update Utility.

In addition, "In order to ensure the security of your information, ASUS recommends that you regularly update your passwords," while users who want to check if they have the malware-free ASUS Live Update tool can do so by following the instructions available HERE.
"This will completely remove the malware from your computer."
The company also announced that it provides "an online security diagnostic tool" available for download HERE, which will allow ASUS customers to check if their computers have been impacted by the APT campaign.

Customers who discover that their machines have been affected are advised to "Immediately run a backup of your files and restore your operating system to factory settings."

To be able to block further attacks targeting its servers, ASUS says that it "updated and strengthened our server-to-end-user software architecture."

Says only small number of machines infected (researchers say 500k+) also says it’s finally begun to notify customers ( told them about prob in Jan.) They don’t bother to thank Kaspersky at all in statement.

The company also said that "only the version of Live Update used for notebooks has been affected," with all other devices not being affected by the supply chain attack.

Additionally, ASUS states that its "customer service has been reaching out to affected users and providing assistance to ensure that the security risks are removed."

As detailed in the press release, the company fixed the issue in the ASUS Live Update tool's 3.6.8 release by adding a number of security check mechanisms designed to block "malicious manipulation" via updates or any other methods.
"A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group," says ASUS.

I stand by that recommendation for others.

Asus confirmed today that its Live Update utility has indeed been infected with malicious code by an advanced persistent threat (APT) group as part of a supply chain attack which managed to compromise some of its servers.
The link in the post is still active by the way.

For me the solution wasn’t to update the tools, it was to eradicate them and never install them again. Nice of him to do that to help people, but at first glance, it just looks kind of janky. Additionally, that tool was put up on a Google Drive account, not on an official Asus site. Because, even if you did manage to get it to run, it left things behind (like service entries in the registry).
This was my experience with the AI Suite editions (II and III) that I tried.

Additionally, one of the Asus staff members had to post a link to a tool on the ROG forums to clean up after the uninstaller. I immediately went back to doing my BIOS updates with a verified download and thumb drive.

Additionally, nothing says quality like an installation that breaks pretty much the moment after you install it, to the point where you have to manually clean it from your system to get rid of it, because it’s so screwed up that the uninstaller crashes when attempting an uninstall. I realized early on that the update tool was using an insecure connection, and that was just one sticking point for me. However, I banned AI Suite and its related software utilities (which the insecure updating tool in question is part of) long ago when I realized how amateurish, buggy and generally ill-conceived they were. The hardware products are solid, and I have no issues with them or Asus as a company. Like I’ve built many machines with Asus boards.