Abarbarian
Acruncher
- Joined
- Sep 30, 2005
- Messages
- 11,023
- Reaction score
- 1,221
ASUS Z390 Motherboards Automatically Push Software into Your Windows Installation
Neat move ASUS
During testing for our Intel Core i9-9900K review we found out that new ASUS Z390 motherboards automatically install software and drivers to your Windows 10 System, without the need for network access, and without any user knowledge or confirmation. This process happens in complete network-isolation (i.e. the machine has no Internet or LAN access). Our Windows 10 image is based on Windows 10 April 2018 Update and lacks in-built drivers for the integrated network controllers
According to the Microsoft WPBT reference, which describes this feature as useful for "anti-theft software", this binary is a "native, user-mode application that is executed by the Windows Session Manager during operating system initialization.", which means "before all other programs, with administrative privileges". This gives pretty much full control over everything, including protected folders and the registry.
Our motherboard was supplied within the European Union, and yet the software lacks a GPDR-compliant user consent dialog. If nothing else, a person's IP address will be transmitted to ASUS without consent, possibly more, including details like motherboard model, system specs and installed hardware.
Even when the Armoury Crate Uninstaller is run from "Programs & Software", the AsusUpdateCheck service doesn't get uninstalled, and the uninstaller also forgets to remove a second service it installed.
This method of writing data to protected areas of the boot drive may not be uncommon with OEM pre-built desktops and notebooks, but for the PC DIY space, in which consumers seek a higher degree of control and privacy over their hardware and software, it is a first and comes across as intrusive. It should normally take a lot of privilege for anything to write to your System32 folder without user-intervention, at least a UAC dialog authenticating the user's consent. Lenovo has used the same method in 2015, which resulted in a huge scandal. They automatically installed a rootkit, which logged data and pushed bloatware into the user's system.
We're sure that as a market-leading motherboard vendor, the intentions behind this couldn't have been bad. It only needs a bit of polish, and a lot of transparency with the user.
Neat move ASUS
