News this week about attackers compromising an automatic software update mechanism at ASUS to distribute malware to targeted victims has refocused attention on best practices for addressing risks to organizations from trusted vendor and channel partner relationships.
ASUS on Tuesday announced that it has addressed an issue with a version of its Live Update utility that last year allowed an attacker to distribute malware disguised as legitimate software updates to some customers of the company’s notebook computers.
The Taiwanese computer maker said it has also implemented “multiple security verification mechanisms” to prevent attackers from manipulating the company’s automatic software update mechanisms in the future.
It also released a diagnostic tool that customers of its notebook computers can use to quickly determine if their systems were infected via the compromised Live Update utility. ASUS is urging customers with infected systems to back up their files and restore the operating system to factory settings.
ASUS announced these new…
