WARNING (updated): CPUID website has been compromised.

-
 Advisory ID: UMC-SA-2026-001
Date: April 10, 2026
Severity: HIGH
Affected Software: CPUID HWMonitor, CPU-Z (all versions downloaded from cpuid.com)
Status: Unresolved — CPUID has not yet issued an official statement

Summary

The official CPUID website (cpuid.com) has been reported as compromised as of April 10, 2026. Community reports indicate that downloads of HWMonitor 1.63 from the official site are delivering a malicious installer named HWiNFO_Monitor_Setup.exe instead of the expected hwmonitor_1.63.exe. This installer has triggered Windows Defender warnings and includes a Russian-language dialog, indicating it is not a legitimate CPUID package.

UMC advises all users to immediately stop downloading any software from cpuid.com until further notice.

Affected Products

  • HWMonitor – hardware monitoring tool
  • CPU-Z – CPU identification and information tool
  • Any other software distributed via cpuid.com

Note: If you already have these tools installed from before April 10, 2026, your installed files are not the immediate concern. The risk is specifically in fresh downloads from the CPUID website at this time.

What Is Known

Users who attempted to download HWMonitor 1.63 via the official CPUID download page received a file named HWiNFO_Monitor_Setup.exe — a name that does not match any legitimate CPUID or HWiNFO release. The name appears designed to cause confusion by mixing two well-known hardware monitoring brands.

Reported indicators of the malicious installer include:

  • Windows Defender flagging the file upon download or execution
  • Installer dialogs appearing in Russian
  • An unusual Inno Setup wrapper not consistent with official CPUID packages

The exact attack vector has not yet been publicly confirmed. Possibilities include a compromised download server, a manipulated redirect, or backend interference. CPUID has not yet responded publicly or taken the download page offline as of the time of this advisory.

Separately, CVE-2025-65264 documents a local information disclosure vulnerability in the CPU-Z kernel driver up to version 2.17. CPU-Z 2.19 release notes mention a fixed DLL hijacking vulnerability. These are distinct issues from the download compromise but add to the overall concern around CPUID software security at this time.

What Is NOT Affected

HWiNFO (hwinfo.com) is not compromised. The malicious installer only uses the HWiNFO name as a lure. The legitimate HWiNFO 8.44 is available safely from hwinfo.com/download.

Recommended Actions

Do not download any software from cpuid.com until CPUID confirms the issue is resolved.

If you recently downloaded HWMonitor or CPU-Z, verify the file hash and digital signature before running it. Scan with Windows Defender and Malwarebytes.

If you ran a recently downloaded CPUID installer, treat the system as potentially compromised. Run a full antivirus scan and consider checking for unexpected background processes or network activity.

As an alternative to HWMonitor, use HWiNFO64 from hwinfo.com — it is clean and provides equivalent (or greater) hardware monitoring capability.

Monitor the official CPUID website and community sources for a resolution announcement before resuming any downloads.

UpdateSamuel Demeulemeester, the creator of CPU-Z and the founder of CPUID released a official statement:

Hi, Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between April 9 and April 10, causing the main website to randomly display malicious links (our signed original files were not compromised). The breach was found and has since been fixed.

Sorry for the inconvenience. I did my best to fix that mess as soon as possible :-/

Sam.

Samuel Demeulemeester, via a post on X

Sources

Legion Discord – #warnings channel (GhostFellow, April 10, 2026)

Reddit r/pcmasterrace – WARNING! HWMonitor 1.63 Download on the official "cpuid" page is a Virus!

igor'sLAB – Warning: CPUID Suspected of Being a Virus; Suspicious HWMonitor Downloads Raise Alarms (April 10, 2026)

NVD – CVE-2025-65264

This advisory will be updated if CPUID issues an official statement or resolves the incident. UMC does not endorse any third-party software downloads and encourages users to always verify file integrity before running installers.

Comments

Post a Comment

Popular posts from this blog

UMC Security Advisory - Celxpert Battery Issues

-
Image
Issue date: 30/07/2025  Updated : 31/07/2025  Note:  We updated with example of LNV -5B10W13897 batteries. (Update: UMC officially designated as L17C3PS2.) UMC ID: UMC01-07042   UMC today announced that was issued formal advisory that would recall of current fleet laptops is Lenovo ThinkPad L15 Gen 2a was equipped with Celxpert batteries because that degradation trend was flaw , lasting only 3+ hour battery life as observed. Key findings were included in screenshots. Figure 1: A degradation trend from 45.73Wh to 38.39Wh in Commercial Vantage. Multiple complaints from Reddit users raised concerns over the Celxpert batteries because they degrade into 16% wear level based on observations from linux-hardware.org sites that used to lookup for battery models and concluded that Celxpert (e.g,  LNV-5B10W13897  (L17C3PS2 detected) batteries) was worst long-term retention of advertised watt-hours. UMC recommends AVOIDING  Celxpert-made geninue Lenovo ba...
Read more

How I Became a Proactive Battery Monitor (Catching Issues Early)

-
Author : Felisitas Faya P. Most users notice battery problems only after something feels wrong — shorter runtime, sudden health drops, or unstable charging. By that point, degradation has already accumulated. My goal was different from the start: catch battery issues early , before they become visible, irreversible, or expensive. The Beginning: Observing, Not Assuming (2022) In 2022, I began continuously monitoring battery health on my Lenovo Yoga Slim 7 Carbon 13ITL5. Using Lenovo Vantage Battery Details alongside HWiNFO’s tray monitoring, I tracked capacity, temperature, charging behavior, and long-term trends in real usage. The purpose wasn’t to follow battery myths or chase perfect numbers. It was to understand how batteries actually age over time — slowly, quietly, and often invisibly. Expanding the Scope: Gaming Laptops and Heat (2024) In early 2024, I expanded this monitoring to my first gaming laptop, the IdeaPad Gaming 3 15ACH6. This introduced new variables: higher power draw...
Read more

UMC Bans the DeepSeek amid security concerns

-
 We are announcing the UMC now starting to ban the DeepSeek due to amid security concerns. The DeepSeek is a Chinese AI was developed by  Hangzhou DeepSeek Artificial Intelligence Basic Technology Research Co., Ltd. that doing business created the AI models is a thing dangerous. And the UMC banned the DeepSeek for employee using dangerous AI models that expose the personal and company information could potentially leak and vulnerable attacks that penetrated for my studio UMC Corporation. We advise to not use DeepSeek AI for security reasons. We appreciate this take serious action by UMC officials at representative from using Chinese AI apps. 
Read more