How to protect yourself from PC hardware and hardware driver vulnerabilities

Attackers have hijacked PC motherboard update software and hardware drivers to install malware. Here's how to identify vulnerable systems and prevent driver-delivered malware.

PC manufacturer Asus recently announced that from June to November 2018, attackers used its Asus Live Update app, which comes preinstalled on ASUS notebook computers, to install backdoors on targeted computers. Kaspersky indicated that about 57,000 systems installed the backdoored live update software. Asus has acknowledged the introduction of malware into its update process and provided a tool to test your system to see if it has the malicious software installed.

The backdoored updaters appear to target specific computers. As was stated in the investigation, the backdoor software contained hardcoded MD5 hashes representing MAC addresses. The theory is that attackers identified specific hardware systems, groups or computers sold to specific companies to gain more access to those systems.

If you have ASUS Live Update installed on your system, ensure that you have the latest version 3.6.9 installed as it includes a fix and additional mechanisms that can prevent manipulation of updates.

bradley hardware 1 Susan Bradley

Asus tool indicates targeted machines

Steps to ID your PC motherboard

To continue reading this article register now

FREE Download: Get the Spring 2019 digital issue of CSO magazine today!