NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Bobknds's avatar
Bobknds
Aspirant
Jun 21, 2016

how to update to OS6? Is it possible?

Netgear sent me an email recommending upgrading, said: The Vulnerability: NETGEAR has become aware of the Badlock security vulnerability that causes ReadyNAS OS 6 devices to be susceptible to man-i...
Public ReadyNAS OS 6.x Beta
Bobknds's avatar
Bobknds
Aspirant
Jun 21, 2016

Hi,

 

Thanks for the response, so it would wipe all my data to do an update to OS6?  And am I at risk if I do not update to OS6?

 

Bob

BrianL2's avatar
BrianL2
NETGEAR Employee Retired
Jun 22, 2016

Hi Bobknds,

 

Welcome to the community!

 

You should first make a backup of your data before starting the upgrade. Check this page for instructions and open the ReadyNAS forum threads for additional tips & instructions.

 

 

Kind regards,

 

BrianL
NETGEAR Community Team 

  • Bobknds's avatar
    Bobknds
    Aspirant
    Jun 22, 2016

    Thank you for the Info. , if you would know, can I stay with for now with older OS and not have to worry about the email that was sent to me by netgear security?

    Badlock Security Vulnerability Notification
    The Vulnerability:
    NETGEAR has become aware of the Badlock security vulnerability that causes ReadyNAS OS 6 devices to be susceptible to man-in-the-middle (MiTM), denial of service (DoS), and similar attacks. Our records indicate that your NETGEAR product is affected.

     

    If you could let me know it would be greatly Appreciated and eas my concerns.

    Thanks,

    Bob

    • StephenB's avatar
      StephenB
      Guru - Experienced User
      Jun 22, 2016

      http://badlock.org/ has some more information on this.

       

      OS 4.2.x is also vulnerable, as it is running Samba 3.6.25.  However, the Samba Team doesn't provide fixes (even security fixes) for anything older than Samba 4.2 

       

      The risk for you depends on how you've deployed your ReadyNAS.  Any attacker using these vulnerabilities has to have access to your local network.

       

      Overall, if you want to stay up to date on security patches then you'll need to shift to OS 6.   If you continue to run OS 4 systems (as I am) it's best to carefully control access from the internet.

       

       

      • Bobknds's avatar
        Bobknds
        Aspirant
        Jun 23, 2016

        Thanks for the info.,  and I do not have ftp inabled and I hope this also helps in securing the nas. I only use Netgear's remote software.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More