Asus bombards Windows 11 with christmas.exe malware-like Christmas wreath banner
Asus bombards Windows 11 with christmas.exe malware-like Christmas wreath banner
The manager who approved this need to be fired. Programs need to ask permission to the user before installing, especially when they're not device drivers.
This is literal malware and there's also a chance that it might be exploited (example: a mitm Attack exchanges the file that armory crate is downloading)
This kind of Easter egg is not funny at all, developers must avoid undocumented time bombs. I still remember that day 15 years ago when I turned on my Wii and it said that the system files were corrupted. After hours of reverting a full nand backup via bootmii (and losing 2 years of game saves) it turned out that it was a funny April's fool by crediar, which put a fake system corruption message when you run his program on April 1st. Problem is that his program was a loader for the system menu so it was unavoidable if you didn't know that.
Like me, there must be someone paranoid that saw that black bar on the screen, saw a weird Christmas.exe running on their system, and starting wiping or restoring old images to "clean" that.
When you turn on your PC and notice that there’s a huge Christmas banner on your desktop, do not panic – your device is not compromised.
Hah, well a vendor just pushed unapproved executable to the device and ran it without consent. Under any definition or other context it's definitely compromised.
This is why I boycott Logitech, they started pushing the Logitech Download Assistant through Windows Update as soon as you connect a Logitech mouse/keyboard.
It autoruns not only when it is first installed but on every startup.
It is rather annoying to try and uninstall it, I don't get why there has been so little backlash against this....
Microsoft permitting this is devaluing Windows Update, the driver (.inf) should be installed automatically, any executable file that WU wants to download and run on your computer should just bring up a small Windows notification saying something like this:
The device you just installed requests to download and run the following program from Windows Update:
Logitech Download Assistant
Will you approve or reject this request? Approve/Reject
It is just terrible that this is permitted
It's almost as if the PC doesn't belong to you anymore
I get this request sometimes on my work machine. Guess what? I don't even have the rights to install it. Insanity
It sucks because I've always liked Logitech hardware. Though I suppose you don't need to run the software suite (or if you're on Linux it isn't an option anyway).
I had windows update try to brick the BIOS on my Lenovo workstation recently. I can't believe Microsoft and manufacturers do this kind of shit. Luckily my workstation had dual BIOS so I could recover it. Between that and the fact that lenovo manufacturer locks their processors I would have waited until I could afford a supermicro had I known.
Welp, seems ASUS motherboards also push this by default: https://www.techpowerup.com/248827/asus-z390-motherboards-automatically-push-software-into-your-windows-installation
During testing for our Intel Core i9-9900K review we found out that new ASUS Z390 motherboards automatically install software and drivers to your Windows 10 System, without the need for network access, and without any user knowledge or confirmation. This process happens in complete network-isolation (i.e. the machine has no Internet or LAN access).
This is how cheats are installed on LAN competitions
Holy shit. I got Logitech peripherals, and an ASUS motherboard. I'm glad I'm on Linux. I still have Windows installed, and booted into it around 2 weeks ago, after it having lied dormant for four months. I didn't notice anything being installed, but maybe I had to reboot first.
Quite possibly, my peripherals and motherboard are all too old to have this anti-feature. Do you know if there is a list of which of their hardware this is the case for?
Damnit, I always preferred Logitech mice. I guess I might have bought my last one.
Similarly (above), I can't confirm this either, on two different Asus boards, still in support/updates. I'm assuming this requires their software to be installed, which there's no point to, so I didn't bother... Maybe it's part of their armory crate system, which can (should) be disabled in the bios...
If it's unwanted, disruptive, and (allegedly) impacts performance, that's not "malware-like". It's malware.
Confirmed, windows 11 is malware.
The seven windows 11 users disagree with you
(I am not one of them)
It also automatically reinstalls itself through a BIOS feature. That's advanced level malware.
Right? I thought I read that wrong!
To disable future crap like this you gotta do it in the FUCKING BIOS? Wtf Asus....
I think the title indicates that it's like the malware known as "Christmas.exe".Edit: I have too much faith in humanity..
From the article:
Even worse, the malware-looking Christmas wreath is linked to a process called “Christmas.exe.”
So the process was actually called that. It popped up on my machine this morning and I immediately started scanning the whole system for malware and searching to see if anyone else had this problem.
it is a very subtile ad for linux
the wreath has a memory leak
modern app design and its consequences
More like old app design. It's much harder (but of course fully doable) to have a memory leak in modern languages.
WDYM "malware like"? It is malware.
"do not panic – your device is not compromised."
meme(always has been)
if someone not you installing crap you dont want isn't compromised then i dont what is
There is nothing wrong with your device. Do not attempt to adjust the picture. We control the horizontal. We control the vertical.
It is a part of the ASUS Armoury Crate software that is pre-installed on some ASUS PCs.
Always flash new OS if you buy a computer.
That won’t get rid of it unless you also manually go into the BIOS and disable the install ASUS Armoury Crate setting as explained in the article.
If you don’t do this it will automatically reinstall even on a fresh install of Windows. Some of these bloatware programs will even install without an internet connection! This absolutely ludicrously stupid feature is called WPBT and is used by lots of manufacturers. Luckily it doesn’t work on Linux (at least for now…).
That's in the bios, it's a pcie device that windows allows to inject root level code into your environement, you have to turn it off and hope nothing ever spoofs that pcie id because that's a permanent hardware rootkit into your pc like EFI
This will be executed even on new fresh installation oob.
Yet another vendor-bootkit?
He didn't say to flash Windows. 😉
Which distro do you recommend?
If you want minimal hassle, Mint is the deal.
Universal Blue is my go-to. Their OSs feel like the future. They are so easy to use and low maintenance. The upgrades happen in the background and apply automatically when you restart your computer.
There are three flavors: Bazzite for gaming Bluefin and Aurora for basic workstations and developers
I went with Aurora for myself because I like the developer focused stuff. But I also do a lot of gaming. Even though it's not gaming focused, it's still great for gaming.
My wife uses it on her laptop, too. She doesn't give a shit what her OS is as long as it works and she can use the browser.
This cracks me up that everyone has a different distro to recommend... But I've tried many and OpenSUSE Tumbleweed was the standout that I've decided to stick with indefinitely.
Depends on your skills and what you want. I'm currently configuring a setup on Void, to learn about login, Wayland & Flatpak. Is that up your alley?
Who green lit this? I really hope that person gets fired immediately.
The lack of any visual link to ASUS isn't even the biggest problem for me; it's that ASUS rolls out a program that (presumably) puts itself in autostart by default and just pops up without prompt at all.
Edit: There's a fucking setting in the BIOS to auto-install ASUS' bullshit software? And it's enabled by default.... jesus fucking christ
Most computers firmware can store a Windows executable. Microsoft pushed for an addition to the ACPI tables called WPBT. That stores a Windows exectuable in the firmware. It is of course totally used for the intended purpose...
I'm always dismayed but not surprised by how many people don't know about Windows Platform Binary Table, which has existed since Windows 8. It's not exactly the type of feature that Microsoft or the board vendors would want to publicize, seeing as it gives them persistent rootkit capabilities on the same level as UEFI rootkits.
Most normal people's model of Windows security is "if something goes wrong then I wipe the disk and reinstall Windows," and WPBT completely breaks that model, and has been doing so for 12 years.
Thankfully there are ways to disable it:
There has been for years now. Disabling it is part of my first-time setup for a new board.
My ASUS X470 board doesn't have it, though; guess it's a bit too old for that
Another reason to not buy any Asus stuff.
everyone submit a help desk ticket to Asus asking wtf is going on
Now ask the non-Christians need to do a class action lawsuit lol
Wot?
I'd love to know if this was just some guy who went 'let's ship it to all our customers!' or if this was a C-level 300 hours of meetings type of thing which concluded that spreading christmas
malwarecheer was the right move.this was downloaded and 'installed' by asus armory crate, which came from malware baked right into the bios of new and 'newish' asus motherboards (how to disable)
Remember when Lenovo did this?
Somebody should create a windows executable to be placed in the WPBT that silently install Linux on first windows boot....
Why don't every vendor with an installed app make a similar banner?
It would be so festive, and I bet people would love it, to have 20 or 30 such occurrences every time you need to use your computer during holidays.
It would of course be optimal if each has an animation and a tune, that need to finish before you can escape.
Weird that only Asus had this brilliant idea? It's so awesome when you are not in control of what happens on your computer.
/sIf you want to take back control, Linux is your best option.
Oooh, make one of them a little purple animated gorilla, I'd like that too.
banzai!!!!!
🎶 Daisy, Daisy, give me your answer true 🎶
And why stop at Christmas, there's so many other religious & non-religious festivals through the year... we could have these for every occasion
(also /s)
awesome, merry christmas
An unsolicited Christmas card through a letterbox would have at least been less worrying.
How was this even approved for deployment?
Haha, how fortuitous for me that my new SDD arrived over the weekend and I used the opportunity to install Linux on my Asus laptop.
I find it difficult to choose a motherboard because they all look shady. aSUS should be criticized for creating a bad app and installing it without consent but I feel like this could have been any other motherboard manufacture.
I havent had any issues or shady shit with Asrock. Straightforward BIOS, no bullshit settings.
Why???? who thought this was a good idea?!?
Thank god I was using Linux
Edit:Nvm its Armory crate shenanigansLINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX
GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux GNU/Linux..
Is a Linuc a single Linux?
Yes
Make no mistake, they will backpedal and apologize, but this was a flex. They want the public to know that their machines are fucking pwnt from top to bottom and they shouldn’t try any funny shit.
I got on this on Windows 10 too.
At first I thought I got a virus or something, but then realized this was some ASUS bullshit.
Glad I'm running linux on my asus computer, but I'm gonna re-check my bios for any bullshit like this.
Yeah, when I saw that shit I had a mini heart attack. Opened up process explorer to identify what was running. Found it was Asus and basically said "huh, how are you still here - delete"
If you don't disable it in the BIOS it will just come back on next boot.
it didn't come back. But will do.
Just like the Mozilla Mr. Robot “Easter egg”
The what?
yes it is malware
Windows is malware
Asus hacker: I'm in
Windows is a choice. You made it. Congratulations.
This doesn't have anything to do with Windows. This is ASUS's fault
Nothing to do with Windows? Are we sure about that? Asus is a Windows OEM that pre installs Windows and has enough privileged access to insert a surreptitious executable compiled specifically for Windows.
Yes, agreed, if they chose a *nix like OS and they had root, they could do the same thing and that would be equally shitty. It is Windows OEMs that exhibit this kind of fsckery and yes we do have a choice.
Nobody could ever execute an installer as root on a Linux system 🙄
Linux squashes root over ssh. An OEM could preinstall a sudo user to get around this but that kind of BS would be their death knell as a vendor.
Found the Linux community admin 🤣
Neither Linux nor Windows but it's a sensible guess :)
And again, don't have to deal with this corporate nonsense on my Linux machine. Maybe at work just ask IT to switch your machine to Linux. They likely won't, but if enough people complain and ask, they might actually start thinking about using sane systems
Maybe at work just ask IT to switch your machine to Linux.
Good luck lmao
Linux on enterprise user endpoints is an insane proposition for most organizations.
You clearly have no experience managing thousands of endpoints securely.
Can confirm, from the IT side of things my hands are tied until the people talk management into it.
But good luck getting them to give up on Microsoft 365. 🤢
Sure, ASUS is real bad for doing this, but Windows 11 users kind of have it coming to them.
This might be an unpopular take here on Lemmy but macOS, Linux or Windows 10 Enterprise LTSC IoT 2021 aren't for everyone.. Hell, I wouldn't expect typical users to even know how to reinstall their operating system at all.
That's kinda on the list of things that aren't my problem.
I hate to be that blunt, but seriously. It's 2024. If you want fairness, you're making it yourself. We're in the cyberpunk dystopia. Learn Linux or, send Microsoft a few disapproving letters and hope.
If Windows is a part of your job, at least write off any expense on your taxes so you don't pay for the pain.
Is it right? No. Everyone should have fair and equal software that is as useful as my tinkering makes mine, but life ain't fair.
don't blame the victim for owning a computer.
We blame dog owners when their dog mauls them.
But yes, I meant it when I said ASUS was bad for doing this.
The feature that allows manufacturers to push software onto clean installs has existed since Windows 8. If you're advertising for Windows 10, you might want to try again.