NETGEAR have fixed security exploits in some of their newer routers

Netgear DG834G ADSL2 wireless router

If you are running a recent NETGEAR router, make sure its firmware is up to date

Article

Netgear Patches Its Router’s Security Holes, Download Your Updated Firmware Today | Lifehacker

From the horse’s mouth

NETGEAR

Original Security Advisory

Models affected
Smart Wi-Fi Router AC1600 R6250
AC1750 Smart Wi-Fi Router – 802.11ac Dual Band Gigabit R6400
Nighthawk AC1900 Smart Wi-Fi Router R7000
Nighthawk X6 – AC3200 Tri-Band Wi-Fi Gigabit Router R8000
Nighthawk AC1750 Smart Wi-Fi Router – Dual Band Gigabit R6700 Beta firmware
Nighthawk AC1900 Smart Wi-Fi Router R6900 Beta firmware
Nighthawk 4G LTE Modem Router R7100LG Beta firmware
Nighthawk DST – AC1900 DST router
HomeNetworking01.info coverage
R7300DST Beta firmware
Nighthawk X6 – AC3000 Tri-Band Wi-Fi Gigabit Router R7900 Beta firmware
Wi-Fi VDSL2+/ADSL2+ Modem Router D6220 Beta firmware
AC1600 WiFi VDSL/ADSL Modem Router – 802.11ac Dual Band Gigabit D6400 Beta firmware

My Comments

NETGEAR had faced a serious problem with some of its recent-model routers due to a security exploit in the firmware that drives these network-Internet “edge” devices. Previous coverage about this issue had required you to use another router for your home network to stay secure.

This has had NETGEAR rush out firmware updates for each of these affected routers in order to mitigate the recently-discovered security exploit.

A problem that besets most of the commonly-available home-network bardware is that firmware updating requires you to visit the manufacturer’s site, download the firmware as a special file package for your device, then upload that package to your device via its Web-based management interface. This can daunt some computer users who haven’t much experience with these kind of hardware maintenance tasks.

Personally, I would like to see steps taken to support automatic firmware upgrades such as what AVM are doing with their Fritz!Box devices, or at least the ability to click on a button in the management interface to start the download and update process for the device’s firmware. This is a practice that is being implemented in most of the European-made modem routers, along with most consumer-electronics devices like Smart TVs and set-top video peripherals.

There is also the issue of protecting the update files so that you aren’t installing malware on your device and it may involve processes like authenticity checks for software delivered as part of a firmware update or functionality add-on.

The update procedure

The update procedure will require you to download the updated firmware package using your regular desktop or laptop computer. Here, they recommend that you connect your regular computer directly to the router using an Ethernet cable if you can do so for the download and update process to be sure that this process works reliably.

Follow the link listed in this article to the NETGEAR-hosted support page for your router’s model. You will see the link for the firmware package you need to download. Here, you download that firmware package to your “downloads” folder.

Then, once you have downloaded the firmware from the NETGEAR site, you log in to your router’s management page from that same computer using your favourite Web browser. For these routers, the URL is http://www.routerlogin.net. Subsequently, you have to visit the ADVANCED tab, then the Administration option, then the Firmware Upgrade option.

In that screen, you click the Browse button, which will pop up a file-system dialog box where you have to find the firmware file that you downloaded in your “downloads” folder. Once you have selected the firmware file, click the Upload button to transfer the firmware to your router, whereupon it will commence the updating process. Leave the router alone during this process so as not to interrupt this critical process. You will see a progress bar to indicate how the upgrade is progressing.

Once this update procedure is done, a good practice would be to regularly visit NETGEAR’s support pages for your particular router and check for newer firmware on a regular basis. Then, if there is newer firmware available for your device, update it following the instructions on their Website or the general instructions listed in this article.

Conclusion

The increased awareness by industry and computer media regarding software quality and data security for dedicated-purpose devices connected to the Internet along with consumer / small-business network-infrastructure devices is going to make companies who design these devices or the software that runs them wake up regarding these issues.

Send to Kindle

Leave a Reply

*