Start a New Discussion
Let us help with AV-over-IP ProAV.EngineeringServices@NETGEAR.com Learn More:
Evolution of PoE #NowAtNETGEAR
Insight 5.7 Features #Webinar
NETGEAR Business Produces and Services @ IFA2019 Berlin
Insight 5.7 Update Now Available
Ethernet Splitter Vs. Ethernet Switch
New Small Remote Managed PoE Switches GC108P & GC108PP
NETGEAR Insight Pro Network Management System enables higher profitability for Resellers
ALL FIRMWARE should be updated. More info: https://betanews.com/2017/10/16/krack-wpa2-security-vulnerability/
Need a patch for R6220 and wnr2000v3
This vunerability was first disclosed to manufacturers by the researcher in mid July,
CERT sent notifications on Aug 28th, and ICASI sent notifications to members on Sep 12th.
I'm hoping that Netgear decides to provide patches for more than just the following gear:
Netgear: WAC120, WAC505/WAC510, WAC720/730, WN604, WNAP210v2, WNAP320, WNDAP350, WNDAP620, WNDAP660, WND930
NETGEAR is aware of the recently publicized security exploit KRACK, which takes advantage of security vulnerabilities in WPA2 (WiFi Protected Access II). NETGEAR has published fixes for multiple products and is working on fixes for others. Please follow the security advisory for updates.
NETGEAR appreciates having security concerns brought to our attention and are constantly monitoring our products to get in front of the latest threats. Being pro-active rather than re-active to emerging security issues is a fundamental belief at NETGEAR.
To protect users, NETGEAR does not publicly announce security vulnerabilities until fixes are publicly available, nor are the exact details of such vulnerabilities released. Once fixes are available, NETGEAR will announce the vulnerabilities from NETGEAR Product Security web page.
"pro-active" or "re-active" as you prefer...
Netgear has to patch and fix for all products as soon as possible.
A foundamenta belief in my home is use WiFi, when can I use my DGND3700v2 with KRACK fixing patch???
My D7000 is offering me a firmware update to V22.214.171.124 should I and is that the Krack fix? It's decribed as [Enhancement] Security enhancement.
Netgear isn't offering patches for a load of vulnerable devices, and I'm still trying to get a support/lifecycle policy out of them. There are also other known vulnerabilities with other products, which they have not addressed.Note that Netgear is mostly ignoring CERT: http://www.kb.cert.org/vuls/id/CHEU-AQNMYEThey also seem to have disabled all or all but one thread using the word "KRACK" as search terms.I'm unsure if they care about consumers, but getting the word out to businesses that Netgear is horrible on security might be a wake-up call for them.
WHERE ARE OUR SECURITY PATCHES?
IS NETGEAR CONTENT TO TAKE THE MONEY AND RUN?!?!?!
TIME TO GET THE WORD OUT ON FACEBOOK, TWITTER, INSTAGRAM, ETC...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.