==================================== Is ASMedia Firmware Updater Malware ==================================== Why does the updater get flagged as malware? ----------------------------------------------- The ASMedia firmware updater product is being flagged as malware or possibly unwanted application by some anti-virus programs because it contains a driver which gives access to kernel memory. This driver allows reading and writing to parts of protected memory in the kernel from an application run by the user. In the case of the ASMedia firmware updater, the driver installed by the application is used to write new firmware to a controller chip in the external storage enclosure. The new firmware cannot be written to the chip if this driver is not installed. The driver itself is not actually malware, but it could potentially be used by malware to gain access to the system. When is a Mac less secure? ----------------------------------------------- During the firmware update installation process, the only time that a Mac is less secure is when the firmware update driver is installed. This is during the 2 minutes when the actual firmware update is taking place and subsequently when the firmware update driver is being uninstalled. After the driver is uninstalled and the Mac is restarted, the driver and its ability to access kernel memory, are gone. Recommended actions: ----------------------------------------------- For the duration of the firmware update process, the anti-virus software and network access should be disabled. Disabling the anti-virus software will keep it from interfering with the update process and disabling network access will prevent any network based malware from using the installed driver as a way to infect the computer. Once the update is completed, the driver and the firmware updater should be moved to the trash, before enabling the anti-virus software and network access again.