Insignary had some research and created a report that looked into the binary code of most of the routers on the market. Technewsworld has a story…
And Business Insider has a story
The short story is that many router companies do not update their devices which would mean customers would have to upgrade firmware, which is also doubtful, but at least it is possible to update and secure your router. Many people do not update because it is difficult or time consuming, and the router upgrades require a technical skill missing in most home users anyway. It seems that all of the vulnerabilities of the routers:
WPA2(KRACK) – Key reinstallation attack
ffmpeg – DoS attack
openssl – DoS attack, and remote code exec
Samba – remote code exec
OSS components have weaknesses which are also open source.
New components that are secure have been created but have not been created to coexist with the Wi-Fi devices (within their firmware). If they would have been created you would have to download the firmware and then you would have to update this firmware. So the process of updating firmware in Wi-Fi routers differs with each manufacturer, I would go to your manufacturer website and try to find out if a new firmware has been released.
But as a safety precaution (with security in mind) it is probably best just to buy a new Wi-Fi router (which has software that does not have these old vulnerabilities.
So it depends on your level of risk and what you are protecting. Myself I always like to update my computers and wifi devices every year or every two years anyway. If you are in the habit of doing this as a standard way of doing business you will not be affected by these vulnerabilities.
Contact Us to discuss your risk exposure and decide what upgrade standards you might need.