Security Vulnerability
Multiple Netgear Routers are Vulnerable (VU#582384)
According to US-CERT (part of the Department of Homeland Security), Netgear R6200, R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 routers, and possibly other models, are vulnerable to arbitrary command injection. If you use one of the vulnerable Netgear routers, we recommend that you apply an update provided by Netgear, or discontinue use and replace the vulnerable device.
D-Link routers contain buffer overflow vulnerability (VU#332115, CVE-2016-5681)
Several models of D-Link DIR routers contain a vulnerability that may be used to remotely compromise the device. If you use a D-Link DIR router, please review the US-CERT Vulnerability Note and D-Link public advisory to determine if your specific model is affected.
WordPress 4.2.1 Security Release
Customers using WordPress on their hosted web sites should immediately update due to a critical security issue. See…
https://wordpress.org/news/2015/04/wordpress-4-2-1/
WordPress 4.2.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
A few hours ago, the WordPress team was made aware of a cross-site scripting vulnerability, which could enable commenters to compromise a site. The vulnerability was discovered by Jouko Pynnönen.
WordPress 4.2.1 has begun to roll out as an automatic background update, for sites that support those.
For more information, see the release notes or consult the list of changes.
Download WordPress 4.2.1 or venture over to Dashboard → Updates and simply click “Update Now”.
Windows XP Support Ending on April 8 2014 (EOL)
On April 8 2014, Windows XP, now 12 years old, will no longer be supported by Microsoft. Widomaker will also end support for Windows XP at the same time. Additionally, Outlook Express and Microsoft Outlook 2003 will no longer be supported (prior versions are already unsupported).
D-Link Router Security Issue
Vulnerabilities have recently been discovered that affect certain models of D-Link broadband routers. If you are using one of the affected models you should take steps to update the firmware of your router with the security patch provided by D-Link, or replace the device.
The list of affected D-Link router models can be found in CERT Vulnerability Note VU#248083 or in D-Link’s page on the issue. D-Link’s page says that firmware updates should be available by the 31st of October, 2013.
An example photo of a D-Link DI-524 wireless router (one of the affected models) can be found here.
If your D-Link model IS NOT listed as affected then you DO NOT need to take any action.
You should not continue to operate a vulnerable D-Link router because it will put your computers and personal information at risk.
If you would like to replace an affected D-Link device, and you would like to purchase a replacement router from Widomaker, please call, or e-mail, our office to discuss the available options.
