![]() ![]() Q-Fan ControlĬonfigure the fan's operating speed manually or use pre-configured fan profiles to quickly select Standard, Silent, Turbo or Full Speed modes. Port configuration settings between different BIOS versions or share them with friends. Quickly and easily find the option or setting you're looking for. Rename SATA ports for easy identification. Track the latest changes and save preferred profiles onto a USB drive. Restore your SSDs to factory-fresh condition. ![]() GPU POSTĪutomatically detect selected ASUS graphics cards to view detailed information. S.M.A.R.TĬheck your storages devices' Self-Monitoring, Analysis, and Reporting Technology logs to gauge reliability and to identify potential failures. EZ Flash 3įlash the latest BIOS via the internet from within the BIOS. But even antiviruses can be ineffective: gamers have a habit to disable the security tools from running into the background.Quickly find tuning options and add preferred tools to the list. Will it cause a spike of malware injection through that way? No one knows. Regardless of the fact that ASUS reacted pretty fast to that problem, there will be a lot of users who will miss it, or decide to install a patch later. The exploit is already listed on the CVE website under the code “CVE-2021-40981”. In the case of Armoury Crate, they left this breach unsecured because it was likely concentrated on providing the main functionality and design of the app. He says that such a situation is not something rare, especially when it comes to narrow-specification programs. However, some further comments appeared from the aforementioned bug-hunter – AppTortellini. Users are already waiting for October 1, 2021, because this breach is a perfect way of injecting something much more serious than adware or browser hijacker.ĪSUS did not comment on this situation, besides promising to fix the problem. In an extremely short period of time – in only 18 days from the report date – the patch which fixes that breach will be available. The company was grateful to the bug-hunter for finding such a simply exploitable vulnerability. Once your elder brother is logged into the system, the malware is able to do what it is designed to do. Nonetheless, it is still a pretty often scenario when the computer is shared, for example, between younger and older children, with user and administrator privileges correspondingly. However, it can only be executed under the user with administrator privileges. As he says, it is very easy to create a separate user with administrator privileges and then manage the system remotely.Īs the same bug-hunter says, the privileges of the simple user are enough to inject the malicious DLL instead of a regular one. Fortunately, this security breach was not used by cybercriminals – it was just discovered by a bug-hunter. Anything can just swap it on the other library, and it will be executed with very high privileges. The problem hides in the fact that Armoury Crate does not check the correctness of the DLL it uses. Touching the Ring 2 or even Ring 1 is not a thing that must be done recklessly. Since the program works on a very deep level, the privileges that this program uses are very high. The path to this DLL is %PROGRAMDATA%\ASUS\GamingCenterLib. It also works with a DLL that is needed for the correct operation of that tool. It is responsible for the correct interaction of the exact application with system components. This is system process that is created together with the program installation. To manage the setups of low-level hardware, Armoury Crate uses a Lite Service. This tool is very useful and loved by ASUS ROG users, but no one expected such a threat. Adjusting the CPU clock rate, fan speed or RAM frequency – all these things are possible through the graphic interface. That app allows you to control all elements of your PC that are placed on the motherboard. Hacking the Armoury CrateĪrmoury Crate is a program created by ASUS specially for the users of the motherboards of the ROG series. Exactly, this breach is related not to exact motherboards, but to the complementary software – Armoury Crate. This security breach is critical and worth your attention since it is extremely easy to exploit. Gaming series of motherboards from ASUS, a well-known Republic of Gamers (ROG) product line appears to have a vulnerability. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |