Some Netgear Devices May Have Vulnerabilities According To Microsoft

netgear routerDo you use a Netgear DGN router, either at home or in your office? If so, be aware that Microsoft has discovered a number of security flaws that impact those devices, if they are running a firmware version older than V1.0.0.60.

Those vulnerabilities give attackers access to an unpatched router’s management page, which can be used to bypass whatever network security you may have in place and allow the attackers to derive saved router credentials via an accompanying side-channel attack.

In all, Microsoft unearthed three different security flaws, all rated serious to critical. If there’s a silver lining to be found in the discovery, it lies in the fact that Netgear has a fantastic track record when it comes to responding to discoveries like these. In fact, the company has already issued a patch for the firmware which addresses all three.

If you’ve already checked, and you’ve confirmed that you’re running a vulnerable version of the firmware, to get the patch, just head to Netgear’s support page. Once you’re there, start typing in the model number of your router in the search box on that page and a drop down list will appear with the company’s routers most likely to match what you’re typing.

When you see your model number, click it and it will direct you to the page for that model. If you happen not to see a drop down box, you may not have entered your model number correctly, or selected a product category.

In any case, once you’ve located your model and made your way to that page, you’ll see a “Downloads” link.

Click that and look for “Current Versions.” Beneath that, you’ll find a listing of firmware versions. Simply select the latest one available, download and install.

Kudos to Microsoft for their sharp eyes in spotting the trouble, and to Netflix for responding so quickly. Be safe out there.

Used with permission from Article Aggregator

Knowledge is Power!

Sign Up to Receive Our FREE “Cyber Security Tip of the Week”

No Catch. No Obligation. Just week after week of timely tips to keep you one step ahead of hackers.