Note: Updates will be added to the bottom of this post. On, 6/6/2018, additional router models were added to the list of affected devices.
It’s important that all Internet users take action to secure their Internet router to avoid very real negative consequences. The items below briefly describe what steps are necessary. For those who are uncomfortable with any of the steps, after step number one, please contact Widomaker, a local computer shop, or the Support Department of the manufacturer of your Internet router, for guidance.
Attention: All website hosting customers who use the WordPress content management system on their websites, please see below…
On Oct 16 2017 US-CERT released Vulnerability Note VU#228519 after researchers disclosed “serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks.” They have named the proof-of-concept exploits, KRACK (key reinstallation attacks)…
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. […] To prevent the attack, users must update affected products as soon as security updates become available.
On, October 2, 2017, vulnerabilities (US-CERT VU#973527) were made public, by Google’s security team, in Dnsmasq, a widely used software package included in many Internet-connected devices, such as routers, IoT devices, and Android devices. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
According to US-CERT (part of the Department of Homeland Security), Netgear R6200, R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 routers, and possibly other models, are vulnerable to arbitrary command injection. If you use one of the vulnerable Netgear routers, we recommend that you apply an update provided by Netgear, or discontinue use and replace the vulnerable device.
Customers using WordPress on their hosted web sites should immediately update due to a critical security issue. See…
WordPress 4.2.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
A few hours ago, the WordPress team was made aware of a cross-site scripting vulnerability, which could enable commenters to compromise a site. The vulnerability was discovered by Jouko Pynnönen.
WordPress 4.2.1 has begun to roll out as an automatic background update, for sites that support those.
For more information, see the release notes or consult the list of changes.
Download WordPress 4.2.1 or venture over to Dashboard → Updates and simply click “Update Now”.
Vulnerabilities have recently been discovered that affect certain models of D-Link broadband routers. If you are using one of the affected models you should take steps to update the firmware of your router with the security patch provided by D-Link, or replace the device.
The list of affected D-Link router models can be found in CERT Vulnerability Note VU#248083 or in D-Link’s page on the issue. D-Link’s page says that firmware updates should be available by the 31st of October, 2013.
An example photo of a D-Link DI-524 wireless router (one of the affected models) can be found here.
If your D-Link model IS NOT listed as affected then you DO NOT need to take any action.
You should not continue to operate a vulnerable D-Link router because it will put your computers and personal information at risk.
If you would like to replace an affected D-Link device, and you would like to purchase a replacement router from Widomaker, please call, or e-mail, our office to discuss the available options.