Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Study shows 5 out of 6 routers inadequately updated for security flaws

2 Weeks Ago   #1
Brink

64-bit Windows 10 Pro
 
 
Study shows 5 out of 6 routers inadequately updated for security flaws

Quote:
A new study by a US consumer nonprofit has found that five out of six home routers are inadequately updated for security flaws, leaving the devices, and indirectly their users, vulnerable to hacking.

Carried out by the American Consumer Institute (ACI), the study analyzed a sample of 186 SOHO (small office/home office) WiFi routers from 14 different vendors with a presence on the US market.

ACI experts looked at the firmware version the routers were running and searched public vulnerabilities databases for known security flaws affecting each device's firmware.

"In total, there was a staggering number of 32,003 known vulnerabilities found in the sample," said ACI experts in the study published last week.

"Our analysis shows that of the 186 sampled routers, 155 (83%) were found to have vulnerabilities to potential cyber attacks, in the router firmware, with an average of 172 vulnerabilities per router, or 186 vulnerabilities per router for the identified 155 routers," ACI experts said.



Of the total 32,003 security flaws, more than a quarter were vulnerabilities that received the two highest severity ratings of "critical" and "high-risk" respectively.

"Our analysis shows that, on average, routers contained 12 critical vulnerabilities and 36 high-risk vulnerabilities, across the entire sample," researchers said.

These are staggeringly large numbers...


Read more:



My System SpecsSystem Spec
.
2 Weeks Ago   #2
Lady Fitzgerald

Win 7 Ultimate 64 bit
 
 

It would help if router manufacturers made updating routers easier. I'm not exactly a computer noob and I find updating ing my netgear router to be a royal PITA. At least Netgear does send me an email to inform me when new firmware is available. They even sent an email recently that my router needed updating when, in fact I had already updated to that version several months ago (yes, I checked to make sure the email wasn't spoofed; I never click on links in emails anyway).
My System SpecsSystem Spec
2 Weeks Ago   #3
dg1261

Windows 7/8.1/10 multiboot
 
 

IMHO, not a very useful "study".

The pdf lists the "routers included in the sample", but doesn't say which had vulnerabilities. If 83% had vulnerabilities, that means 17% were completely devoid of *any* of the 32,003 security flaws, doesn't it? It would have been helpful to know which those were. Were they randomly distributed, or was one brand consistently better than the others?

Furthermore, the study sample appears to be badly skewed. For instance, it lists the Asus RT-AC66U and the RT-1750, which are the same router with different model designations. And the RT-AC66U_B2 and RT-AC68U and RT-AC1900, which are all the same. I could go on with more examples.

If I put 12 units of a single router into the sample, can I then conclude that manufacturer is 12 times more vulnerable than the average?

And who knows how many other routers from other brands are essentially the same. How similar are the D-Link DIR-605L_VERSIONA and the D-Link DIR-605L_VERSIONB, for example? Or the Linksys WRT1900ACSV2 and the Linksys WRT1900AC_V2? Or the Netgear R7900 and the Netgear R7900P?

It appears in the latter case that the 7900 and 7900P actually use different CPUs, but my point is what effort or care did the study make to avoid functionally or actually identical products in the sample? Are two routers that may be essentially the same being given the same weight in the study as two uniquely different routers from different manufacturers?

And there's no indication how the study did its "counting" ... what do they mean by "5 out of 6" routers have security flaws? 5 out of 6 routers by market share? 5 out of 6 on the list, regardless of shipping volume?

As Mark Twain wrote, quoting Benjamin Disraeli, "There are lies, d**ned lies, and statistics."

Oh, and don't get me started on that really helpful pie chart!
My System SpecsSystem Spec
.

2 Weeks Ago   #4
F22 Simpilot

Windows 7 Ultimate x64
 
 

I see many legit ISPs trying to do nefarious things on my websites and I can conclude this is due to hacked routers. I have also read recently about a router hack going around that was created by some Russian hacker group. This is primarily why I use third party firmware, use a strong Admin. password and different user name, turn off remote Admin., UPnP and don't use port forwarding unless I need it.
My System SpecsSystem Spec
Reply

 Study shows 5 out of 6 routers inadequately updated for security flaws




Thread Tools




Similar help and support threads
Thread Forum
Comodo: A Number of Security Flaws and Potential Security Flaws
I am Autistic, and I have either a savant or a non-savant talent to find errors in almost anything. The only reason I am listing these errors on this particular firewall, and not others, since I haven't gotten around to testing if any errors exist in other firewalls. It usually just takes me a...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 00:33.
Twitter Facebook Google+