ASUS releases advisory to provide information related to the new implementation of a tiered certificate structure that upgrades ASUS’s security infrastructure of its expanding software ecosystem. The upgrade requires the current code-signing certificate of several ASUS products to be revoked. This revocation can cause some existing software utilities to trigger a Windows Security dialog box, and may prevent legitimate ASUS programs, such as Aura, AI Suite III, GPU Tweak II, and others, from running normally when users attempt to execute the associated ‘Setup.exe’ or ‘AsusSetup.exe’ file.
Last month, a security flaw was found in the previous version of the ASUS Live Update application. The security infrastructure update aims to assure ASUS users of improved data security. ASUS also announces the new and secured versions of the each ASUS software are updated and code-signed with a new digital certificate including the ASUS Aura Sync software. Check out the updated software list at https://www.asus.com/latest-software-update/
ASUS Advisory FAQs
What is a code-signing certificate?
Many companies, including ASUS, use electronic certificates to digitally ‘sign’ software code. These unique signatures provide users with an assurance that the code is legitimate, and has not been modified since being signed by the developer. For more information, please follow the link below: https://www.digicert.com/blog/ms-smartscreen-application-reputation/
Is my current ASUS software safe to use?
Yes. All previously released ASUS software obtained from official sources, such as the official ASUS support website, ASUS Q-Installer, ASUS Armoury Crate, or an ASUS support CD, is safe and does not contain any malicious code. However, to account for the growth of our software ecosystem, we have implemented a new certificate infrastructure that requires a software update. Please use the links above to download the latest software for your system.
How do I uninstall previous versions of Aura, AI Suite III, and LiveDash?
Windows may prevent you from uninstalling the related software due to the revoked certificates. In order to uninstall these programs, you will first have to disable Microsoft’s User Account Control (UAC):
1 - Type UAC in the search field of the Windows taskbar. (If the search field isn't visible, for Windows 10, right-click the Start button and choose Search;
for Windows 7, left-click the Start button and choose Search)
2 - Click ‘Change User Account Control settings’ in the search results.
3 - To turn UAC off, drag the slider down to ‘Never notify’ and then click ‘OK’.
4 - You may be prompted to confirm your selection or enter an administrator password.
5- Reboot your computer for the change to take effect.
Learn more about the ASUS Certificate Maintenance Advisory for Motherboards, Graphics Cards, Mini PCs, Workstations and Servers here.