The Mudcat Café TM
Thread #80590   Message #1470561
Posted By: JohnInKansas
25-Apr-05 - 06:34 PM
Thread Name: Tech: A Different Sort Of Virus Thingy
Subject: RE: Tech: A Different Sort Of Virus Thingy
hesperis (and all) -

Anyone who uses any router really should check occasionally with the maker for updates. The reports cited are pretty old, and cited the devices listed because people apparently were not aware and weren't getting them patched.

All other similar devices should be considered vulnerable unless they've been checked out recently.

ANY device attached to your machine that has built in programming (BIOS or firmware, etc) or that requires you to load a "program" or to change parameters in internal memory for the device in order to use it can be a source of holes that vermin can exploit. This includes external firewalls, routers, hubs, links, and even the external "servers" sometimes used to connect printers and other accessories via a LAN.

This does include "server" routers and switches, for those affected.

Most who are not brain-dead probably know by now that AV checks for certain kinds of malicious stuff, but separate programs/methods are required for Adware and Spyware because of the different ways they work. For the most part, the article cited just points out that external devices in your system can be exploited similarly, and the AntiVirus and other anticrud programs generally don't check the external devices.

Most probably are aware of the "phishing" exploits, where an email just asks you to give them information, usually by pretending to be a trusted "somebody you know."

NEW TERM: (Recent reports)

A few exploits have popped up recently that are being called "pharming." They've been rare so far, but appear to be increasing in frequency. This "method" places malware on your machine to make it look like you're connecting to a normal place of business, but actually makes the web connection to a fake site. When you do your normal business, including login with your passwords, the fake site immediately uses the info you key in to go to the real site disguised as you and, for example, clean out your bank account.

For now, it's probably enough to be aware of the "pharming" term, so that when it becomes more common you'll know it may be reason for concern.

SECOND NEW TERM: (Really recent reports)

A few exploits in Windows have been seen of what's called "Rootkits." This is an exploit previously seen only in UNIX systems, and has been around for years. It's been found on a few Windows systems, and can be expected to grow. It plants a small program that intercepts "calls to services" and returns "modified" information to the system. An example is when Windows asks what files are on the hard drive, the "rootkit" returns everything except its own files and/or ones it's installed. This makes it extremely difficult to detect, and allows it to hide anything it wants to do from the system. NO EXISTING PROGRAMS in common use can detect it.

The only "simple" method of even telling if a Rootkit is present is to compare the complete list of files on the hard drive, made with the normal OS, to the list obtained using a different operating system. Note that the DOS/Command OS is part of the Windows OS, so looking in safe mode or booting from a DOS disk usually won't tell you it's there.

For known exploits of Rootkits, the malware has to be placed on the machine as a payload of a virus or worm, by exploiting another Adware/Spyware exploit, by "phishing" or by someone with physical access to the machine, so keeping the normal defenses up to date should be adequate - for now.

Expect to hear a lot more about both "pharming" and "rootkit" exploits, - - - probably soon.

John
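The "cross-view" rootkit check the post describes (compare a file listing made from inside the running OS with one made after booting a different OS and mounting the same volume) is easy to script once both listings exist. The following is an added example, not part of the original post and not tied to any particular tool. It assumes each listing is in the two-column "<hash>  <path>" shape that sha256sum-style utilities emit, that the live listing was taken from the running system and the offline one from a separate boot, and that the volume is case-insensitive (NTFS/FAT). The sample listings, paths and hashes are constructed for the demonstration.

```python
"""Cross-view file-listing comparison (added example, not from the post).

Two listings of the same volume are parsed, their paths normalized so the
live view ("C:\\Windows\\...") and the offline view ("/mnt/win/Windows/...")
refer to the same files, and the differences are sorted into three buckets:
  - present offline but absent live  -> something is hiding from the live OS
  - present live but absent offline  -> usually churn (logs, temp files)
  - present in both with a different hash -> contents changed between views
"""
from __future__ import annotations

from dataclasses import dataclass, field


def parse_listing(text: str, *, root: str = "", case_insensitive: bool = True) -> dict[str, str]:
    """Parse '<hash>  <path>' lines into {normalized_path: hash}.

    Blank lines and '#' comments are ignored. Backslashes become '/', the
    mount/drive prefix given in `root` is stripped, and on case-insensitive
    volumes the path is lower-cased so both views agree on naming.
    """
    entries: dict[str, str] = {}
    norm_root = root.replace("\\", "/").rstrip("/")
    if case_insensitive:
        norm_root = norm_root.lower()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        digest, sep, path = line.partition("  ")
        if not sep or not path.strip():
            raise ValueError(f"malformed listing line: {raw!r}")
        path = path.strip().replace("\\", "/")
        if case_insensitive:
            path = path.lower()
        if norm_root and path.startswith(norm_root):
            path = path[len(norm_root):]
        if not path.startswith("/"):
            path = "/" + path
        entries[path] = digest.lower()
    return entries


@dataclass
class CrossViewReport:
    hidden_from_live: list[str] = field(default_factory=list)  # offline only
    only_in_live: list[str] = field(default_factory=list)      # live only
    content_differs: list[str] = field(default_factory=list)   # both, hash differs


def compare_views(live: dict[str, str], offline: dict[str, str]) -> CrossViewReport:
    """Diff the two views; lists are sorted so output is deterministic."""
    report = CrossViewReport()
    report.hidden_from_live = sorted(offline.keys() - live.keys())
    report.only_in_live = sorted(live.keys() - offline.keys())
    report.content_differs = sorted(p for p in live.keys() & offline.keys() if live[p] != offline[p])
    return report


# Constructed sample listings: file names and hashes are made up for the demo.
LIVE_LISTING = r"""
# taken from inside the running Windows system
1111aaaa  C:\Windows\System32\ntoskrnl.exe
2222bbbb  C:\Windows\System32\drivers\tcpip.sys
3333cccc  C:\Users\john\Documents\notes.txt
4444dddd  C:\Windows\Temp\session.log
"""

OFFLINE_LISTING = """
# same volume, listed after booting a separate OS and mounting it at /mnt/win
1111aaaa  /mnt/win/Windows/System32/ntoskrnl.exe
9999ffff  /mnt/win/Windows/System32/drivers/tcpip.sys
3333cccc  /mnt/win/Users/john/Documents/notes.txt
5555eeee  /mnt/win/Windows/System32/drivers/EXAMPLE_HIDDEN.sys
"""


def run_demo() -> CrossViewReport:
    """Compare the constructed listings; returns the report for inspection."""
    live = parse_listing(LIVE_LISTING, root="C:")
    offline = parse_listing(OFFLINE_LISTING, root="/mnt/win")
    return compare_views(live, offline)


if __name__ == "__main__":
    rep = run_demo()
    print("Hidden from live OS (investigate):", rep.hidden_from_live)
    print("Only in live view (usually churn):", rep.only_in_live)
    print("Hash differs between views:", rep.content_differs)
```

The offline-only bucket is the one the post is about: a file the live OS will not admit exists. The live-only bucket is normally noise from files written after the offline snapshot, and the differing-hash bucket is worth checking against a known-good copy of the file. In practice both listings should be made with the same hashing tool over the same directory tree, and taken as close together in time as the two boots allow.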