NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Does Netgear really "Push" critical security updates?
TLDR: Has Netgear "pushed" any firmware updates in the past 12 months? There have been critical security issues fixed during that period. User beware. If not: Be pro-active. Don't ass-u-me that everything is OK by default.
Some here have been advocating against updating firmware if the systems are otherwise functioning OK. The reasoning is that if the update was fixing critical security issues, Netgear would "push" it to the users, i.e., install it without any user intervention.
I am relatively new to the Orbi's, although I have been using various Nighthawk routers for decades before. I have NEVER had a firmware automatically install without my intervention.
Has that (push by Netgear) happened to Orbi users, like after March 2020, when some very critical security problems were revealed? These were rated 9.4/10 by NG themselves.
Thousands of Netgear routers are at risk of getting hacked (March 2020)
79 Netgear Routers Vulnerable to Serious Security Flaw (June 2020)
If, in fact NG does not push critical security fixes to the devices, then it is up to the user to keep up with firware update releases, find out the changes in the release notes, look up info on NETGEAR Product Security and install the updated firmware after taking everything into consideration.
21 Replies
If you're looking for the official Netgear policy, you may want to PM one of the moderators here and see if they will answer your question, otherwise what you'll recieve here is lots of personal opinions.
I don't need to ask NG because i know that they haven't pushed any updates in 2020. I can infer their policy from the underlying facts.
My logic is simple.
NG has had critical (9.4/10) security issues revealed (and fixed via firmware updates made available at their download site) in the past 12 months.
and
NG has not pushed any firmware updates to the units
therefore
If (you want to be be protected from those security issues)
then
update the firmware manually (and take the risks inherent in that process).
OK
Nice post
Good luck with your inference
Netgear does make firmware updates available to the live update feeds. If the device is configured for automatic updates, it will happen when available. If not - there is no unrequested or forced push of anything.
Disputable how smart the advise is to disable the automatic update as suggested. The problem was that many users had very bad experience with any kind up new updates.
schumaku wrote:Netgear does make firmware updates available to the live update feeds. If the device is configured for automatic updates, it will happen when available. If not - there is no unrequested or forced push of anything.
On the RBK50's, NG will inform the user that there are updates available. They have been doing that recently, confusing people about which ver is the latest etc. AFAIK, the user has to choose to install the updates. Is there way to configure it for automatic install?
I have removed my R9000 and I don't recall that there was a way to have the new firmwares install automatically on those.
Disputable how smart the advise is to disable the automatic update as suggested. The problem was that many users had very bad experience with any kind up new updates.
I don't like automatic installs myself. But I tend to read up about the latest issues in the news, listen to Security_Now podcast etc. The casual user is in a no-win situation: They can be on older insecure versions or enable automatic installation (if that is even available for the Orbi's) with its risks.
With my short history (2 months) w the Orbi's, I was asking if NG pushed and automatically installed fixes in 2020. Because they certainly had a couple of serious issues come up last year.
alokeprasad wrote:With my short history (2 months) w the Orbi's, I was asking if NG pushed and automatically installed fixes in 2020. Because they certainly had a couple of serious issues come up last year.
Perhaps the real question is, has anyone here had problems(?) with their system due to the 'serious issues' that came up last year you mention above?:mansurprised:
