Yesterday, we reported on a rather alarming security exploit which took advantage of a weakness in the ASUS Live Update utility installed on millions of PCs. Operation ShadowHammer took advantage of Live Update to gain a backdoor to users’ PCs and download malware in the background.
ASUS was initially notified of Operation ShadowHammer by Kaspersky Lab on January 31st, but Motherboard reported that the company, “has been largely unresponsive since then and has not notified ASUS customers about the issue.” Well, after widespread coverage of the backdoor yesterday, ASUS has finally issued an official response on its website.
The company downplays any widespread proliferation of infections, stating, “Only a very small number of specific user group were found to have been targeted by this attack and as such it is extremely unlikely that your device has been targeted.”
ASUS goes on to clarify that the backdoor only affected its notebooks running earlier versions of Live Update. The company has also made available a security diagnostics tool that scans your system to determine if you’ve been backdoored [Download Link]. If the diagnostic tool determines that you were targeted, ASUS recommends that you back up your files and restore your PC to its factory default settings.
As for Live Update, ASUS has issued version 3.6.8 of the utility which includes a comprehensive fix for the existing backdoor, and any future attacks. According to the company, it has introduced end-to-end encryption and has “introduced multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means.”
To find out what version of Live Update you’re using and for instructions on how to upgrade to Live Update version 3.6.8, you can visit this ASUS FAQ page.