D-Link Decides To Only PARTIALLY Patch Routers That Have Serious Security Flaws…. WTF?

D-Link joins Netgear in being in my bad books because of this story from Bleeping Computer that details six security vulnerabilities in the DIR-865L wireless router. However, D-Link has only decided to patch three of those vulnerabilities:

D-Link has released a firmware update to fix three out of six security vulnerabilities reported for the DIR-865L wireless router model for consumers. One flaw is rated critical, others are high-severity.

Attackers can use the bugs to execute arbitrary commands, steal sensitive information, upload malware, or delete data.

Clearly these are not trivial vulnerabilities. And D-Link’s response is really bad. Here’s what they said:

“For US consumers, D-Link recommends this product be retired, and any further use may be a risk to devices connected to it and end-users connected to it” 

Seeing as this router was released in 2012, you can see why they have taken that stance. However since a lot of consumers simply install these routers and then forget about them, I believe that D-Link really needs to better support their customers. Or if you take D-Link at their word, this would be how I would deal with this situation. The second any D-Link router router goes end of life, replace it with a router from a vendor other than D-Link. Why? We’ve been here before with D-Link products. And they were slapped by the FTC for making insecure gear. Two big hints that you shouldn’t be buying their products.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: