Asus live update 3.6.8
Tim Erlin, veep of product management and strategy for security house Tripwire, noted that Asus did not answer many of the questions netizens will have about the attack, and how they should deal with it.

"This attack leveraged a very broad platform, the Asus updates, but then strategically targeted a small set of those initially compromised for further attack. Affected users need to find out whether the attackers have actually targeted them, and then they need to assess the extent of the compromise," Erlin told The Register. "While Asus may have released a fix, if you've already been compromised that might not be enough."
Asus's efforts to prevent man-in-the-middle fiddling are all well and good, as long as the PC slinger has also sufficiently shored up the security of its download servers, so updates can't be poisoned again.

Also, Asus implied in its statement that ShadowHammer was carried out by an unnamed nation's spies against a particular organization or entity rather than random netizens. It described the intrusion as the work of an advanced persistent threat, which it defined thus:

"Advanced Persistent Threat (APT) attacks are national-level attacks usually initiated by a couple of specific countries, targeting certain international organizations or entities instead of consumers."

The fact that network adapter MAC addresses were baked into the backdoored Live Update build suggests the snoops behind ShadowHammer were well aware of the internal operations of their target.
From the wording of Asus's statement, the PC maker seems more concerned about the tampering of downloads while they are in transit, effectively thwarting man-in-the-middle attacks. Yet Kaspersky claimed the backdoored utility was hosted on Asus's update server, meaning the code was nobbled at the source rather than while going over the wire. Kaspersky is due to publish a full report into the shenanigans.

Symantec also confirmed its antivirus tools, like Kaspersky's, had detected the backdoored Live Update on its customers' systems.