ASUS releases update to patch ASUS Live Update vulnerability — also created a new diagnostic tool to check if you are affected
ASUS has released a response to the ASUS Live Update Utility vulnerability which was discovered by Kaspersky Lab. In their response, they admitted that their Live Update servers were compromised to send the malware to “a small number of devices”, despite Kaspersky Lab claiming the numbers to be in the thousands.
To solve the issue, ASUS has implemented a fix in Live Update ver. 3.6.8 to improve the security of the updates. There are now multiple security verification mechanisms which will prevent malicious manipulation of the update utility. ASUS has also implemented an enhanced end-to-end encryption mechanism and also strengthened their servers’ security to prevent future attacks of the same kind.
For those of you who want to check if you already have the latest version of ASUS Live Update installed on your system, you can visit the this link to find out how. Basically what you need to do is just fire up Program and Features to see the version. ASUS also provides a guide on how to update ASUS Live Update if you aren’t already updated.
If you are still feeling paranoid, ASUS has released a diagnostic tool to check if your system is compromised by the malware. As we have previously reported, the number of systems that are affected may be huge but the hackers were allegedly only targeting a small number of systems. Still, if you want to be sure, you can download the diagnostic tool here.
It’s nice to see ASUS respond somewhat quickly regarding the issue, especially since it involves security concerns. If you are using an ASUS device, we recommend you to check if your PC is updated to the latest version of Live Update just to be on the safe side.
Pokdepinion: Well, that’s one known issue solved. To many more undiscovered security flaws!