The video exposes multiple severe security vulnerabilities in ASUS hardware and software, including Armory Crate, DriverHub, the RMA system, and ASUS routers, some of which have been actively exploited or could have compromised millions of users’ data. It urges users to uninstall risky ASUS software, update firmware, and criticizes ASUS for poor security practices and slow responses, highlighting the ongoing risks posed by deeply embedded utilities like Armory Crate.
The video discusses a series of significant security vulnerabilities recently discovered in ASUS hardware and software, highlighting a troubling pattern of risky practices by the company. Key affected products include ASUS’s Armory Crate software, DriverHub utility, the RMA system, and ASUS routers. Many of these vulnerabilities either have been actively exploited or could have exposed millions of customer records if malicious actors had taken advantage of them. The video stresses the importance of users updating or uninstalling vulnerable software and updating router firmware to mitigate risks. It also criticizes ASUS for pushing problematic software like Armory Crate, which is deeply embedded at the motherboard level and behaves much like malware, often reinstalling itself even after being disabled.
One major vulnerability was found in DriverHub, ASUS’s driver utility, where an attacker could exploit weak URL validation to download and execute arbitrary code with administrator privileges. This exploit was surprisingly simple to carry out once the attacker controlled a malicious website, and although it appeared not to have been exploited in the wild, it posed a serious risk. ASUS has since patched this issue, but the video recommends uninstalling such bloatware entirely to reduce future vulnerabilities. The researcher who discovered this also highlighted ASUS’s poor response to security reports, including minimal recognition and slow fixes.
Another critical issue involved the ASUS RMA system, where hardcoded administrator credentials in the My ASUS software could allow attackers to access sensitive customer data such as full names, dates of birth, phone numbers, and addresses. This vulnerability affected anyone with an ASUS account, not just those who had used the RMA service. Although ASUS patched this flaw, ongoing research suggests more undisclosed vulnerabilities may exist. The video also mentions frustrations with ASUS’s warranty service from a customer perspective, emphasizing that software security issues add another layer of concern.
The video highlights an ongoing active exploit targeting ASUS routers, dubbed “Ace Hush,” which uses vulnerabilities within the ASUS AI Protection feature itself to create backdoors that survive firmware updates and reboots. This exploit is part of a broader campaign potentially laying the groundwork for a botnet, with infected routers being tracked globally. ASUS recommends firmware updates and factory resets, but the video warns that once compromised, routers may be impossible to fully clean via updates alone, underscoring the need for proactive security measures.
Finally, the video returns to Armory Crate, ASUS’s motherboard-level utility, which has long been criticized for its invasive and persistent behavior. Recent vulnerabilities in its kernel driver could allow attackers to execute code at the kernel level, granting extensive control over the system. Despite patches, the nature of Armory Crate’s integration into hardware and firmware means it poses ongoing risks, especially since Windows updates may inadvertently reactivate it. The video concludes by urging users to uninstall unnecessary ASUS software, keep firmware updated, and calls on ASUS to reconsider its risky software practices that create avoidable security issues for its vast user base.