Microsoft Discloses Serious Security Flaws With Netgear WiFi Routers, See If You're Affected
As cybersecurity solutions tighten up and prevent many attacks, threat actors are looking for new and innovative ways to attack systems. As Microsoft explains, this has led to a rise in attacks that start “outside and below the operating system layer,” such as firmware attacks and ransomware attacks through VPN devices or other internet-facing devices. It is therefore critical to secure the software that runs devices such as routers, as the Redmond-based company has now discovered.
According to a post published on the Microsoft Security blog yesterday, the MS365 Defender Research Team was researching device fingerprinting within Microsoft Defender for Endpoint when it found some interesting activity. Microsoft Defender had flagged that “a device owned by a non-IT personnel was trying to access a NETGEAR DGN-2200v1 router’s management port,” which is definitely not normal. While the communication to the router was encrypted, this did not stop the team, who then decided to look at the router and its firmware to see if it had security weaknesses.

After the weaknesses were found, Microsoft disclosed its findings to NETGEAR, which has now fixed the issues and is recommending that NETGEAR DGN-2200v1 owners update their firmware. However, this is just one router of thousands, and there are likely many more undiscovered vulnerabilities for each one. This is why Microsoft “emphasize[s] the importance of securing the full range of platforms and devices, including IoT,” as you never know what is next in the hacker’s playbook.