I just received this official announcement from ASUS: ASUS response to the recent media reports regarding ASUS Live Update tool attack ASUS Live Updat
[See the full post at: ASUS tackles the ShadowHammer breach with improved security]
![]() |
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
ASUS tackles the ShadowHammer breach with improved security
Home » Forums » Newsletter and Homepage topics » ASUS tackles the ShadowHammer breach with improved security
- This topic has 10 replies, 8 voices, and was last updated 4 years, 6 months ago.
Tags: ASUS ShadowHammer
AuthorTopicViewing 6 reply threadsAuthorReplies-
alQamar
AskWoody_MVPAsus has awesome Mainboards but their security support is low on other fronts too.
Older and newer models haven’t seen microcode updates after May 2018. Thankfully Microsoft will do their job on Windows 10.
Most of the time when I saw people using this tool it said there is no update available, though they could have alerted to upgrade to AI suite 3 or other updates even bios updates or Intel ME Firmware aren’t listed, when checking against the website content.
Not speaking about notebooks only, but retail mainboards.
Lastly “ASUS has also implemented a fix in the latest version (ver. 3.6.8) of the Live Update software”
Do not expect that the live update tool will update itself rather users have to download the new tool theirselves.
Tldr: this tool is same as Acer updater absolutely useless. My recommendation: uninstall
Scope I can refer too is very large from 2nd gen to 8th gen Intel mainboards.
4 users thanked author for this post.
-
anonymous
GuestI personally haven’t had the best experiences with Asus products, but I can agree that the lack of microcode updates is bad. I have an MSI board from 2014, and it never got an update for Meltdown and Spectre. And like you said, Microsoft takes care of that on Windows 10. If it wasn’t for that, then a lot of users would be completely vulnerable, and a lot still are.
1 user thanked author for this post.
-
anonymous
Guest
-
ram5thwheel
AskWoody PlusI also have to agree. I have an older system purchased in mid 2014 (Q550LF) and I have had the Liveupdate service disabled for quite sometime now. The last update using this utility was an update to liveupdate version 3.3.4 dated October 2015. Nothing else after that.
I just spent half hour with ASUS chat looking to see if there was anything newer. They came back with a link to an older version of liveupdate (3.2.7) for Windows 8.1 (I am running Win 10 1809). Obviously I will not revert backwards. Other than that, they suggested leaving the service running just in case. I disable unnecessary or worthless services to save on memory etc. This seems to fit the bill!
Just my two cents.
ram5thwheel
-
ve2mrx
AskWoody PlusThere is not much worse than an update tool that fails to self-update. That is amateurish.
That reminds me of that TV company who had a compromised FTP password: they changed it, preventing TVs from updating in the future… Sooo bad!
3 users thanked author for this post.
anonymous
GuestSince the news hit, I’ve been sporadically running ASUS Live Update & checking updates to see if Version 3.6.8 is available. I have a 6-year-old X55A laptop (bought new in 2013 with Win8; now on Win8.1). Still showing Version 3.1.9; will keep checking. Not targeted by ShadowHammer, according to Kaspersky’s website.
1 user thanked author for this post.
WildBill
AskWoody Plus(Accidentally posted as anoymous, too)
Since the news hit, I’ve been sporadically running ASUS Live Update & checking updates to see if Version 3.6.8 is available. I have a 6-year-old X55A laptop (bought new in 2013 with Win8; now on Win8.1). Still showing Version 3.1.9; will keep checking. Not targeted by ShadowHammer, according to Kaspersky’s website.
Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...GoneToPlaid
AskWoody Loungergborn
AskWoody_MVPTo be fair, their servers were hit by a very sophisticated hacking group with an amazingly narrow target. My problem isn’t with ASUS. Nor is it with Kaspersky, which uncovered some truly breathtaking black hat technology. My gripe’s with the Chicken Little sounds emanating from Kaspersky PR.
Hm … just read my article Backdoor: ASUS has been warned about risks since months. If that’s true, what’s reported (and I have no doubts), it sheds a light to supply chain security.
And my problem is: Why are vendors shipping such (superfloux) tools, that has been always in the past been good for huge vulnerarbilities?
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
3 users thanked author for this post.
ram5thwheel
AskWoody PlusI have seen in this thread that in order to get the latest Liveupdate tool from ASUS, one needs to download it themselves. If you go to the ASUS support website and search on ASUS Liveupdate tool download, you are taken to a page that tells you to run your current liveupdate tool to make sure you have the latest updates. It does not provide a download link to get 3.6.8.
I see no current method of getting the latest version and I also have not seen any comments referring to version 3.6.8 other that in this thread. If someone has the link to the latest version, would be great if they could post it in this thread.
Thanks
ram5thwheel
Viewing 6 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Photos App running in background
by
Tom
15 hours, 18 minutes ago -
IPV6 Issue Win10 22H2 August Update
by
Win7and10
20 hours, 4 minutes ago -
Windows 11 Insider Preview build 23550 released to DEV
by
joep517
21 hours, 39 minutes ago -
Windows 11 Build 22621.2361 (22H2) released to Release Preview
by
joep517
21 hours, 41 minutes ago -
Lately I’ve been getting qr code spam attacks
by
Susan Bradley
1 day, 1 hour ago -
ghacks Wants Edge – FF Browser Update to View – hack/redirect
by
CraigS26
2 hours, 29 minutes ago -
iOS 17 : If your new iPhone gets stuck on the Apple logo when you transfer…
by
Alex5723
1 day, 8 hours ago -
Apple zero days out – September 2023
by
Susan Bradley
1 day, 3 hours ago -
No shortcuts to files on Taskbar in Win11
by
KingGeorgeN
1 day ago -
“New” Google Sites vs Network Solutions: domain resolution
by
Towson_Steve
11 hours, 19 minutes ago -
Topic: Privacy Report on Modern Cars
by
oldfry
1 day, 13 hours ago -
Microsoft’s massive Windows 11 update, featuring Copilot AI, begins rolling out
by
Alex5723
1 day, 10 hours ago -
MailStore Home updates
by
Alex5723
2 days, 10 hours ago -
T-Mobile users say they see other people’s account information
by
Alex5723
2 days, 22 hours ago -
Retirement of Exchange Web Services in Exchange Online
by
Alex5723
3 days, 10 hours ago -
What Remote Desktop credentials do I use to access a MS Account computer
by
JP
1 day, 23 hours ago -
Office 2003 Compatibility with One Drive in Windows 11
by
langsjw
3 days, 21 hours ago -
Has KB5030219 been pulled for Windows 11 Pro for Workstations?
by
jharri46
1 day ago -
By default encryption on Apple
by
Susan Bradley
3 days, 14 hours ago -
KB5029331 Macrium/Reflect
by
fpefpe
3 days, 16 hours ago -
Windows 10 Build 19045.3513 (22H2) to Release Preview Channel
by
joep517
4 days, 3 hours ago -
Microsoft worker accidentally exposes 38TB of sensitive data in GitHub blunder
by
Nibbled To Death By Ducks
3 days, 12 hours ago -
Change CPU/Mainboard without reinstallation of OS and Apps – Win10
by
schmersa
3 days, 17 hours ago -
Mouse slows to crawl if Edge in focus
by
bryash
4 days, 22 hours ago -
Windows and Surface chief Panos Panay is leaving Microsoft
by
Alex5723
4 days, 12 hours ago -
Essential Office Portable
by
Microfix
5 days ago -
Essential Office: Disable Spell Check
by
Bob Blum
5 days ago -
Apple 2030
by
Will Fastie
11 hours, 54 minutes ago -
Wi-Fi 7? Why not!
by
B. Livingston
1 day, 10 hours ago -
Second city — the AI view from Washington
by
Max Stul Oppenheimer
5 days, 9 hours ago
Recent blog posts
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.