× NETGEAR will be terminating ReadyCLOUD service by July 1st, 2023. For more details click here.
Orbi WiFi 7 RBE973
Reply

how to update to OS6? Is it possible?

Bobknds
Aspirant

how to update to OS6? Is it possible?

Netgear sent me an email recommending upgrading, said:

The Vulnerability:
NETGEAR has become aware of the Badlock security vulnerability that causes ReadyNAS OS 6 devices to be susceptible to man-in-the-middle (MiTM), denial of service (DoS), and similar attacks. Our records indicate that your NETGEAR product is affected.

What You Can Do:
NETGEAR strongly recommends that you install firmware version 6.5.0 that was released on May 17, 2016.

 I stil have RAIDAR 4.3.8  and firmware 4.2.28 and running x86. Not sure what to download and install, any help would be greatly

Appreciated.

Model: ReadyNASRNDU2000|ReadyNAS Ultra 2 Chassis only
Message 1 of 12
kohdee
NETGEAR Expert

Re: how to update to OS6? Is it possible?

Not sure why you received this as an e-mail -- I checked your registered products based on the e-mail that you use here on the Community and I only see your Ultra 2... so you should not have received this alert... I will check into this. 

Message 2 of 12
kohdee
NETGEAR Expert

Re: how to update to OS6? Is it possible?

Upgrade to OS 6 is possible but unsupported by NETGEAR Support. There are threads here that could help you but it is at your own risk and requires a factory default. 

Message 3 of 12
Bobknds
Aspirant

Re: how to update to OS6? Is it possible?

Hi,

 

Thanks for the response, so it would wipe all my data to do an update to OS6?  And am I at risk if I do not update to OS6?

 

Bob

Model: ReadyNASRND2000v2|ReadyNAS Duo v2 Chassis only
Message 4 of 12
BrianL2
NETGEAR Employee Retired

Re: how to update to OS6? Is it possible?

Hi Bobknds,

 

Welcome to the community!

 

You should first make a backup of your data before starting the upgrade. Check this page for instructions and open the ReadyNAS forum threads for additional tips & instructions.

 

 

Kind regards,

 

BrianL
NETGEAR Community Team 

Message 5 of 12
Bobknds
Aspirant

Re: how to update to OS6? Is it possible?

Thank you for the Info. , if you would know, can I stay with for now with older OS and not have to worry about the email that was sent to me by netgear security?

Badlock Security Vulnerability Notification
The Vulnerability:
NETGEAR has become aware of the Badlock security vulnerability that causes ReadyNAS OS 6 devices to be susceptible to man-in-the-middle (MiTM), denial of service (DoS), and similar attacks. Our records indicate that your NETGEAR product is affected.

 

If you could let me know it would be greatly Appreciated and eas my concerns.

Thanks,

Bob

Model: ReadyNASRNDU2000|ReadyNAS Ultra 2 Chassis only
Message 6 of 12
StephenB
Guru

Re: how to update to OS6? Is it possible?

http://badlock.org/ has some more information on this.

 

OS 4.2.x is also vulnerable, as it is running Samba 3.6.25.  However, the Samba Team doesn't provide fixes (even security fixes) for anything older than Samba 4.2 

 

The risk for you depends on how you've deployed your ReadyNAS.  Any attacker using these vulnerabilities has to have access to your local network.

 

Overall, if you want to stay up to date on security patches then you'll need to shift to OS 6.   If you continue to run OS 4 systems (as I am) it's best to carefully control access from the internet.

 

 

Message 7 of 12
kohdee
NETGEAR Expert

Re: how to update to OS6? Is it possible?


@kohdee wrote:

Not sure why you received this as an e-mail -- I checked your registered products based on the e-mail that you use here on the Community and I only see your Ultra 2... so you should not have received this alert... I will check into this. 


Regarding the notice, it was erroneously sent to all ReadyNAS models, instead of all OS 6 models. Apologize for this! 

 

Message 8 of 12
Bobknds
Aspirant

Re: how to update to OS6? Is it possible?

Thanks for the info.,  and I do not have ftp inabled and I hope this also helps in securing the nas. I only use Netgear's remote software.

Message 9 of 12
Bobknds
Aspirant

Re: how to update to OS6? Is it possible?

Ok, thanks for all the help.

Message 10 of 12
StephenB
Guru

Re: how to update to OS6? Is it possible?


@Bobknds wrote:

Thanks for the info.,  and I do not have ftp inabled and I hope this also helps in securing the nas. 

Disabling services you don't use is always a good idea - just make sure you understand what they do first (to be certain you aren't using them).


@Bobknds wrote:

 I only use Netgear's remote software.


Then your internet access is already secured, since remote uses an encrypted VPN tunnel between the NAS and the remote device.  If someone manages to compromise the Netgear VPN security, then someone can potentially take (or destroy) your data - but that risk has always been there.

 

Getting back to the posted question - it is possible to upgrade your ultra-2 to OS 6.5.1  Netgear won't support you if you do (though they still should honor any remaining warranty), and the process will destroy all data on the NAS now, so you would need to back everything up and restore it.

 

In your case, I'd say the benefits are likely slight.  You would gain ReadyCloud, which gives you more features for than Remote.  Though if you want to go for it, I'd suggest waiting a bit - recent changes to ReadyCloud have resulted in some growing pains, and it might be better to wait for things to settle down there.

Message 11 of 12
StephenB
Guru
Moved:

Re: how to update to OS6? Is it possible?

Message 12 of 12
Top Contributors
Discussion stats
  • 11 replies
  • 4151 views
  • 0 kudos
  • 4 in conversation
Announcements