Botched Asus Update Kicks Routers Offline Worldwide, Company Apologizes

You’re not alone if you’ve experienced network connectivity issues with your Asus router this week. As first reported by Bleeping Computer, Asus routers around the globe mysteriously went offline on or around May 16, with nary a word from the company on what was causing the problems.

However, Asus acknowledged the problem today, writing on its Product Security Advisory support page, “During routine security maintenance, our technical team discovered an error in the configuration of our server settings file, which could potentially cause an interruption in network connectivity on part of the routers.”

The company followed up by saying that its team “urgently addressed the server issue” and that any routers that were previously booted offline should now be fully operational.

While we are sure that Asus customers are appreciative that their routers should now be fully operational, many are still wondering what caused this global outage in the first place. This apparently wasn’t the case of a botched router firmware update wreaking havoc. Instead, redditor TheDeviceMangler has hypothesized that an update for the built-in security daemon contained a corrupt definition file. This component is updated more frequently and separately from the device firmware.

According to TheDeviceMangler, “As routers automatically updated and fetched the corrupted definition file, they started running out of filesystem space and memory and crashing.”

(Image credit: Tom’s Hardware)

It’s alleged the the security daemon is related to AiProtection, which is a software component of Asus routers, powered by Trend Micro. The security suite can automatically block access to known malicious websites that propagate malware, spam and adware. It also features a two-way intrusion prevention system to thwart DDoS attacks. In addition, it prevents infected devices connected to the router from being ensnared by a botnet. AiProtection can also send a push notification to your smartphone if a device infection is detected.

I’m currently using an Asus router with AiProtection enabled, and its last definition file (version 2.352) was installed on May 13. Luckily, my router, for some reason, didn’t download the botched definition file that affected other Asus customers around the globe.

While Asus didn’t confirm that a faulty AiProtection definition was the cause of the global outage, it did say that most users should be able to get back up and running by performing a manual reboot. However, if that doesn’t work, the company suggests you save your router configuration settings, perform a factory reset, and re-upload the configuration file. 

If it’s any consolation, Asus is sorry about the service interruption, even if the apology and fix came three days too late. “We deeply apologize for any inconvenience this incident may have caused and are committed to preventing such an incident from happening again.”