Posted on Thursday, December 20 2018 @ 18:29 CET by Thomas De MaesschalckTwo of the vulnerable drivers are installed by the Aura Sync software (v1.07.22 and earlier) from ASUS and the flaws they carry can be exploited for local code execution.Some of the flaws enable an attacker to take full control over your system. ASUS was first informed about the vulnerabilities in November 2017, the company claimed to have addressed the vulnerabilities in March 2018 but SecureAuth noticed the latest driver releases still contained two of the three problems.
The drivers from GIGABYTE are distributed with motherboards and graphics cards of the same brand as well as from the company's subsidiary, AORUS.
The vulnerabilities lead to privilege escalation via software like the GIGABYTE App Center (v1.05.21 and below), AORUS Graphics Engine (v1.33 and below), the XTREME Engine utility (v1.25 and earlier), and OC Guru II (v2.08).
Gigabyte was made aware of the vulnerabilities in April 2018, but its Technical support team replied in May 2018 "that Gigabyte is a hardware company and they are not specialized in software." More technical details were requested, and Gigabyte's last answer was a statement that its products are not affected by the reported vulnerabilities. Definitely a weird statement as exploitation code exists for some of the vulnerabilities. Full details at BleepingComputer.
