News Flaw in Asus DriverHub makes utility vulnerable to remote code execution

[Admin]

A vulnerability has been exposed in Asus' DriverHub utility that makes it vulnerable to remote code execution attacks. Thankfully, the vulnerability has been patched and has not been used in any known hacks.

Flaw in Asus DriverHub makes utility vulnerable to remote code execution : Read more

 

[ejolson]

I'm wondering, are these automatic download and update schemes supposed to be convenience features or are they supposed to increase security?

 

[das_stig]

It's true if one gets a vulnerability then it's a danger, but not using one in my opinion is worse.
Worked for many companies that never updated bios or drivers on computer images except during hardware refreshes or switching Windows images.
I use mainly Dell and they all have DCU install and the number of updates is reassuring.
I would actually prefer to have the manufacturers submit their drivers for Windows Update to handle and Microsoft do a second level validation.
Yyes it is true I'd prefer not to have buggy software in the first place, but that's just wishful thinking.