ASUSpicious Flaw – Users' Information Exposed Since 2022
9 comments
· June 20, 2025
kmfrk
I think MyASUS was the piece of software that automagically installed itself on my computer a few weeks ago. I still have no idea how it got there; I just uninstalled it as soon as I saw.
Hopefully it happened to make sure people had the updated version, but I'm gonna keep uninstalling bloatware as much as possible for the reasons outlined in the blog post.
Ciantic
It's a setting in the BIOS, it happened to me too.
Enter BIOS by pressing ESC during the ROG logo. Usually under Advanced, there is an option to disable auto-downloading of MyAsus in Windows.
https://github.com/sammilucia/ASUS-G14-Debloating/blob/main/...
ta988
No bug bounty? Major hardware company? Disaster in 3 .... 2.... 1...
AlexErrant
Heh, I recently reported a bug to a pretty big healthcare company where I could simply increment the integer ID in the URL and see other patients' info.
Didn't get so much as a "thank you". At least they fixed it. But I'm sure they have other vulns given how stupid this one was...
pixl97
Hell, you're probably lucky they didn't send the cops after you.
pixl97
Asus is absolutely horrible when it comes to security and always has been. If people keep looking around I'm sure they'll find plenty more. The company doesn't learn and doesn't care.
nixosbestos
Between ASUS's incompetence, refusal to support LVFS, refusal to publish BIOS updates for USB4 or for basic security/UEFI issues, their garbage software on Windows, and the amateurish/rude behavior from Asus-Linux folks... I have lost all will to buy anything ASUS again. And it's a shame, this G14 is my absolute favorite computing device of all time.
Once again, I do not believe that these HW manufacturers understand how much good-will they squander by being cheap arses on the software. If only there were an established company here showing how things could be done....
In Windows, hardware vendors have a bad habit of installing useless stuff. The latest trick is that the motherboard contains the payload that gets automatically installed when installing Windows. I had no idea it was even possible. This 'feature' can apparently be disabled from the BIOS, but it needs to be done before installing Windows.
I happen to have both of those DLLs, but I had already disabled all ASUS-related services. I use this script to disable all services starting with "Asus" on startup. [1]
To disable the MyASUS auto-installer in BIOS, go to Advanced; there is an option to disable auto-downloading of MyAsus in Windows. [2]
[1]: https://gist.github.com/Ciantic/76ade5f2731cbe87b70d17ff2898...
[2]: https://github.com/sammilucia/ASUS-G14-Debloating/blob/main/...