Asus releases Live Update software with security measures

Yesterday the news broke that Asus Live Update software installed on laptops and PCs from the Taiwanese manufacturer contained a backdoor between June and November 2018. Thus far it has been silent at the ASUS camp.  

Malicious folks this way could install malware on specific systems. ASUS, however, updated its Live Update software and has released a new version with security measures. The manufacturer is staying awfully silent in light of this incident in terms of content or warning published on their websites, especially considering that over 500.000 could have been affected. Version 3.6.8 of the Live Update software prevents manipulation by third parties. Asus also mentions that end-to-end encryption is now being applied in the update software and that security measures have been taken on the update servers to prevent similar attacks in the future.

ASUS response to the recent media reports regarding ASUS Live Update tool attack by Advanced Persistent Threat (APT) groups

Advanced Persistent Threat (APT) attacks are national-level attacks usually initiated by a couple of specific countries, targeting certain international organizations or entities instead of consumers.

ASUS Live Update is a proprietary tool supplied with ASUS notebook computers to ensure that the system always benefits from the latest drivers and firmware from ASUS. A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group. ASUS customer service has reached out to affected users and provided assistance to ensure that the security risks are removed.

ASUS has also implemented a fix in the latest version (version 3.6.8) or the Live Update software, introduced multiple security verification mechanisms to prevent any malicious manipulation in the form or software updates or other means, and implemented an enhanced end-to -end encryption mechanism. At the same time, we have also updated and strengthened our server-to-end user software architecture to prevent similar attacks from happening in the future.

Additionally, we have created an online security diagnostic tool to check for affected systems, and we encourage users who are still concerned to run it as a precaution. The tool can be found here: https://dlcdnets.asus.com/pub/ASUS/nb/Apps-for-Win10/ASUSDiagnosticTool/ASDT-v1.0.1.0.zip

Users who have any additional concerns are welcome to contact ASUS Customer Service.

More information about APT groups: https://www.fireeye.com/current-threats/apt-groups.html