Driver’s update – yes, I know they are not fun, but we all have to do them. At least, they are doing some less nerve disorders than the BIOS update. I know that I should really do even more often, but thought about something that gets upset me only after passing the partial path. Asus has at least one driver tool called drivers hubs to make things easier. Unfortunately, the recent Hub Big has left the back door open for hackers.
If you have ASUS Mother Board or any other pre -built system, you should update the driver hub Now, Since your system may be at risk of implementing a remote code Hot hardware,
In straight terms, the driver hub acts like an open network server in your machine, in search of http requests and directs people coming from drurehub.asus.com directly. Unfortunately, if we think of the driver hub as a special club to some extent, it needs to be fired because the driver will also be allowed to come to hub.asus.com.but.with.funny.glasse.a.trenchcoat.com.
It turns out that this driver’s device is not as safe as anyone wants. If someone has to set up my aforementioned, creatively designated domain, then they will only have to upload a file that contains a real ASUS installer with the adminator’s permission with malicious files based on his choice. The reason for this is that the drive hub only validates the digital signature of the installer, but any of the files that are hoping to install on your system.
Once again, to deploy the club’s metaphor, the drive hub’s bouncer waves in someone who do not clearly have asus, and then the security at the bag check sees them, ‘Yes, this is definitely a very fashion traich coat,’ but they do not appear in any of their pockets. After that, the Impacter entered the VIP room to produce a royal dirt that I certainly do not want to do cleaning.
Unfortunately, this party crushing bug is not as new or surprising as it can expect. A security researcher who has recently been going to the handle Mr. Detailed the danger in detail Before revealing Asos. However, this shows that the company may know about the problem in early February when another researcher, even after “lemonjza”, pointed to them.
Still, the risk was registered with NIST AS CV-2025-3462 And CV-2025-3463 Last week, and both have a suspicious honor of high CVSS-B score (8.4 and 9.4) respectively.
Thankfully, it is so easy to update the driver itself from the hub. Alternatively, if you already install directly automatic updates to your BIOS, thus avoiding this problem, you are allowed to feel a bit smuggled.
As much as I have left Bios’s updates-especially after writing about this illicit 100-hour update-I probably should make it easier to roam there. Closing automatic installations may present a slight fat in the short term, but with NVIDIA, GPU driver hot fixes with the first hot fixes that fail to fix, maybe it will be worth me.
