ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity.
The problem has been extensively reported on social media and discussion platforms since May 16, 2023, with people appearing puzzled by the
simultaneous connectivity issues on multiple ASUS routers and others
complaining about the lack of communication from the vendor's side.
As the Taiwanese hardware maker explained in a statement published today and via a
security bulletin, the problem was introduced by an error in the configuration of a server settings file.
"During routine security maintenance, our technical team discovered an error in the configuration of our server settings file, which could potentially cause an interruption in network connectivity on part of the routers," explains ASUS in a support bulletin.
While the company’s statement does not explicitly state what kind of error occurred and how exactly it impacted remote routers,
a user on Reddit explained that the connectivity issues were caused by a corrupted definition file for ASD (
ASUS AiProtection).
"Updating the firmware has pretty much universally fixed this, but so does simply resetting the router to factory defaults so long as it clears the NVRAM," explained the user on Reddit.
"In fact, any method that removes the offending file (/jffs/asd/chknvram20230516) will return the router to normal."
The ASD is a built-in security daemon supplied by Trend Micro, and it is used in a wide range of router models for real-time protection against emerging threats.
However, this component is updated regardless of whether the user has automatic security (firmware) updates enabled on their device or not.
Reportedly, the corrupted definition file for ASD was automatically pushed to all impacted routers, causing them to run out of filesystem space and memory and eventually crash.
arstechnica.com
