Got a Netgear Router? You Should Probably Patch It Now
Wireless routers are the ultimate “can’t live with ‘em, can’t live without ‘em” piece of household technology. While they facilitate wireless Internet fun for the whole family, they also represent a single entry point to everything you do on the internet — and an entry point that usually has a rusty fence latch and a sleeping security guard, at that.
The Netgear Nighthawk R7000P, one of the routers that needs updating. Credit: Tom's Guide
Netgear recently patched a whopping 50 flaws in some of its bestselling routers and other networking devices, so if you’d like to polish that fence and nudge the guard awake, now is the time to update your firmware.
Netgear keeps track of its various router patches on its Security page, while Threatpost, a news site run by Russian antivirus manufacturer Kaspersky Lab, has kept track of the various fixes. The router vulnerabilities range from the esoteric (cross-site-scripting vulnerabilities on smart home switches) to the potentially severe (remote-command hijacking on consumer-grade routers, such as the R7800 and R9000 lines). Also affected were Netgear switches and networked storage drives.
MORE: Best Wi-Fi Routers
There are two pieces of good news, however. The first is that none of these flaws has ever been exploited in the wild, to our knowledge. Security researchers found all of the bugs and reported them to Netgear, and Netgear addressed them in a timely manner. (Not all router makers are so on the ball.)
The second piece of good news is that you don’t have to do anything out of the ordinary to protect yourself. Just access your router's administrative interface (usually by typing 192.168.1.1 into your web browser), log in and update your firmware. The exact process varies by router, but Netgear can provide instructions.
Users often neglect router security, because updating firmware can be a cumbersome process, and it’s not immediately obvious to most users how much damage a hijacker could do through a router.
Remember, however, that your router handles all the internet traffic from every connected device in your home. Once the router is compromised, so are your computers, smartphones, game consoles and smart-home gadgets. A savvy hacker could steal your financial information or simply draft your computer into a botnet. Some of the Netgear flaws allow remote code injection without any user input, which is particularly troubling.
Even without these advisories, it’s a good idea to check your router firmware now and then and ensure that it’s up to date. Many routers — even newer ones — require manual upgrades. And while it may be considerate of your router to not reboot during your latest Netflix binge or Overwatch match, it may seem much less polite once your computer gets sent to work in the Bitcoin mines.