The IT Nerd

Things seem to be evolving when it comes to the over 70 Netgear routers that are affected by a remote takeover flaw. An issue that Netgear has known about since the start of the year. But didn’t seem to do anything about until the issue became public. Which is one of the reasons why I recommended that you pull the router from service and get something else.

Now, if you want to keep your Netgear router in place rather than replace it with a more secure option from another vendor, I would direct you towards this page on the Netgear support site which seems to be updated on a semi-frequent basis with new router firmware. At last count, I saw new firmware for 8 of their routers. That’s up from two from yesterday. Keep in mind that over 70 routers are affected by this issue. Thus this while showing that they are trying to do something about this epic security #fail, it’s a drop in the bucket relative to the scale of the overall problem. But having said that, if you’re router has updated firmware available, you should install that firmware now. As in right the hell now. Because I guarantee that with exploit code and scanning tools being available, the bad guys are looking for your router to do something evil to it.

I’ll also note something else. On the “Workarounds” section of this page, it says this:

Turning off Remote Management on your router or gateway web user interface significantly reduces your risk of exposure to these vulnerabilities. Remote Management on your router or gateway’s web user interface is turned off by default. If you never enabled Remote Management, you do not need to take any action to turn off Remote Management.

You’ll note the words “significantly reduces your risk of exposure to these vulnerabilities.” It doesn’t say that it eliminates the risk. Which means that even if you do what Netgear suggests, it will only make your network safer, but not safe. Which is why by the weekend, my Netgear router will be off my network and replaced by something else.

There’s another question here that needs to be answered. This story has been out there for a day or two, and you’re seeing updated firmware appear very quickly. So that implies that they could have done this in January when they became aware of this issue. Thus the question is, why didn’t they take action then? Sure they could have been working on a fix between January and now. But if that were true, it should have been released to the public between January and now. Right? The cynic in me says that Netgear wasn’t interested in fixing this until it went public. But I am free to be proven wrong by Netgear. Seeing as they read my stuff, I challenge them to provide not only an answer for this, but please tell me and my readers why you should be trusted going forward.

So how about it Netgear?

This entry was posted on June 23, 2020 at 3:21 pm and is filed under Commentary with tags Netgear. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.