Yesterday the information broke that Asus Live Update software program put in on laptops and PCs from the Taiwanese producer contained a backdoor between June and November 2018. Thus far it has been silent on the ASUS camp.
Malicious people this fashion might set up malware on particular methods. ASUS, nevertheless, up to date its Live Update software program and has launched a brand new model with safety measures. The producer is staying awfully silent in mild of this incident when it comes to content material or warning revealed on their web sites, particularly contemplating that over 500.000 might have been affected. Version 3.6.Eight of the Live Update software program prevents manipulation by third events. Asus additionally mentions that end-to-end encryption is now being utilized within the replace software program and that safety measures have been taken on the replace servers to forestall related assaults sooner or later.
ASUS response to the current media stories concerning ASUS Live Update instrument assault by Advanced Persistent Threat (APT) teams
Advanced Persistent Threat (APT) assaults are national-level assaults often initiated by a few particular nations, focusing on sure worldwide organizations or entities as an alternative of shoppers.
ASUS Live Update is a proprietary instrument provided with ASUS pocket book computer systems to make sure that the system at all times advantages from the newest drivers and firmware from ASUS. A small variety of gadgets have been implanted with malicious code by a classy assault on our Live Update servers in an try to focus on a really small and particular person group. ASUS customer support has reached out to affected customers and supplied help to make sure that the safety dangers are eliminated.
ASUS has additionally carried out a repair within the newest model (model 3.6.8) or the Live Update software program, launched a number of safety verification mechanisms to forestall any malicious manipulation within the kind or software program updates or different means, and carried out an enhanced end-to -end encryption mechanism. At the identical time, we’ve additionally up to date and strengthened our server-to-end person software program structure to forestall related assaults from taking place sooner or later.
Additionally, we’ve created an internet safety diagnostic instrument to test for affected methods, and we encourage customers who’re nonetheless involved to run it as a precaution. The instrument will be discovered right here: https://dlcdnets.asus.com/pub/ASUS/nb/Apps-for-Win10/ASUSDiagnosticTool/ASDT-v1.0.1.0.zip
Users who’ve any further considerations are welcome to contact ASUS Customer Service.
More details about APT teams: https://www.fireeye.com/current-threats/apt-groups.html
