RT-N66U Firmware version 3.0.0.4.374.4422

[WeekendWarrior]

Just discovered here in the Netherlands:

ASUS RT-N66U Firmware version 3.0.0.4.374.4422

Security related issues
- Fixed lighthttpd vulnerability.
- Fixed cross-site scripting vulnerability (CWE-79).
- Fixed the authentication bypass (CWW-592).
- Added notification to help avoid security risks.
- Fixed network place(samba) and FTP vulnerability.

Improvement
- Redesigned the parental control time setting UI.
- Updated multi language strings.
- Adjusted FW checking algorithm.
- Adjusted Time zone detecting algorithm.
- Improved web UI performance

2014.02.12 update

 

[wouterv]

Seems to be a serious security upgrade for a few very old issues.
Still no IPv6 firewall, no DFS and nothing mentioned about wireless driver enhancements.
For real enhancements I guess we have to wait for a version beyond the 3.0.0.4.374 series.

[EDIT]
Upgraded my router from .2239 to this .4422, no hard resets, upgrade went smooth.
First impression is some loss of 5 GHz signal quality....sigh, I may try a hard reset and manual reconfig soon.
2.4 GHz seems to be fine.

 

[jim769]

Agree unreal again still no v6 firewall. They fix some security issues and leave v6 with no firewall Asus must be drinking whiskey when they dream these firmwares up. No thanks i will stick with Merlin builds.

 

[rick155]

I have just upgraded from 3.0.0.4.374.2050

how do you know when an upgrade requires hard reset and when it's not needed?

 

[RMerlin]

Tough crowd.

 

[jim769]

Tough crowd.

It may seem that way but its not. Just dont understand why Asus wont implement a v6 firewall.

 

[RogerSC]

It may seem that way but its not. Just dont understand why Asus wont implement a v6 firewall.

I think that it's non-traditional. Haven't seen a router yet that has solid IPv6 support that has an IPv6 firewall from the mfr, at least not a router that I'd consider putting my money into *smile*. I agree that it's really bizarre, the only reason that I can see for this is that they figure that no one's really using the IPv6 support, which isn't quite true. I'm surprised that there isn't more hoopla about this, but I think that a goodly number of users that enable IPv6 just to see if they can, and then run dual-stack at least for a while, don't know that their firewall doesn't work for IPv6.

I believe that Comcast has something going, though, at least in my area. I've used all the online port scanners, and they all said that ALL my IPv6 ports were in stealth mode before the IPv6 firelwall appeared in RMerlin's firmware. I've checked this on all my computers, same deal. And when I use IPv6 on a router that doesn't have a firewall, like RT-N56U or R7000, again, all my IPv6 ports are in stealth mode. I'm not doing it, so I figure it must be Comcast.

 

[slyderz]

The security risk notification is causing IE and Firefox to freeze up on the web ui. It works fine on chrome and when I fix the security issue.

Sent from my Nexus 7 using Tapatalk

 

[wouterv]

The security risk notification is causing IE and Firefox to freeze up on the web ui. It works fine on chrome and when I fix the security issue.

Where/when do you get this security risk notification?
I haven't seen it yet in my router GUI with .4422 firmware.

 

[rick155]

it is a blinking exclamation mark appearing on the top right part of the screen next to the guest/internet status/usb device/printer icons

I have performed hard reset and noticed it because it was indicating that SAMBA share/FTP was potentially insecure with default password

it freezes for a couple of seconds Firefox, then you get control again, but then it freezes again and so on and on

 

[wouterv]

Ah ok, with enabling Network Place(Samba) Share / Cloud Disk, without further configuration the exclamation sign appears...brilliant, why not simply block this setup and force the user to setup an account.
Here in my Firefox 26.0 and Internet Explorer 10 versions the exclamation sign appears as blinking yellow sign, a click on the sign brings up the notification balloon, see below.
No freezing of Firefox 26.0 nor Internet Explorer 10.
Maybe you run into another security software issue (like not displaying pictures), try HTTPS access to your router to see if that works better.

 

[wouterv]

I peeked at the RT-AC68U:
ASUS RT-AC68U Firmware version 3.0.0.4.374.4422
Security related issues:
...bla bla same as RT-N66U

Improvement:
...bla bla same as RT-N66U
5. Supported EU 5Ghz DFS channel.
...bla bla same as RT-N66U

WOW...DFS supported, hopefully multiple channels though.
Will the RT-N66U ever follow?

 

[DavidEBSmith]

I didn't have any issue with Firefox, either.

I found the message to be somewhat confusing because when you click to change it, and go to the Samba screen, the button already has been changed to "Share without account". It's not clear that at that point, if you want to share via Samba, that sharing with account has been enabled, and you have to also add an account.

BTW, there is a default "admin" account with apparently a default password. Is this a security risk that someone could find out the default password and have access via the "admin" account?

Also, I stayed up way too late figuring out that the special characters in the password I wanted to use had to be escaped with a backslash on the Samba account screen. So if you want to use password

foo$bar

you have to enter it as

foo\$bar

 

[RMerlin]

Asus are aware of the issue with the new notification code and IE. Expect a fixed version in the coming week or so.

 

[jlake]

Asus are aware of the issue with the new notification code and IE. Expect a fixed version in the coming week or so.

I don't use IE, but I had Firefox freeze up. Although I notice some in this thread had Firefox freeze up while others didn't. I'll have to reset Firefox to defaults and see if that fixes it.

Chrome works fine.

 

[wouterv]

Asus are aware of the issue with the new notification code and IE. Expect a fixed version in the coming week or so.

Is IE11 the trouble maker, or what?

Let them add DFS for the RT-N66U (and RT-AC66U) and the Merlin IPv6 Firewall as well ;-)
Does Asus have a timeline for enhancements in future releases?

Well, as written before: is Asus aware of what a major step they would make to add DFS and the IPv6 firewall?
Again in a recent major Dutch magazine (CT, Computer Techniques):
Asus stays behind Apple, AVM, Belkin/Linksys and Netgear with lack of the IPv6 firewall.
And Asus stays behind Apple, AVM, Buffalo and Zyxel with the resrtictions to 5 GHz channels.
They can really make a difference by implementing those two major lacks, specially DFS is MUST for 802.11AC support.
What keeps them from doing so?
For the IPv6 firewall there is no reason, for DFS maybe Braodcom is the limiting factor.

 

[wouterv]

Let Asus also correct some text in the help for Media Bridge:

RT-N66U can be configured in Media bridge mode.The Media Bridge mode provides the fastest 802.11ac Wi-Fi connection for multiple media devices simultaneously.To set up the Media Bridge mode, you need two RT-N66U: one configured as the Media station and the other as a router.Configure one RT-N66U as a router and another RT-N66U as an 802.11ac Media bridge to provide a simultaneous 802.11ac Wi-Fi connection for your media devices such as computer, Smart TV, game console, DVR, or media player via Ethernet cable.Change to Media Bridge mode to provide a simultaneous 802.11ac Wi-Fi connection for your media devices.

RT-N66U does not support 802.11ac...does it anyway support Media Bridge mode?

 

[RMerlin]

Only Asus knows. I'm just sharing what they are telling me, I don't have any insight as to their actual development plans.

 

[.Patrick.]

Just flashed to the new firmware. 2.4/5ghz is pretty smooth.

What i did was:
1) backup
2) upload new FW
3) restore, then maually perform setup

Erm, do you guys know of any helpful guide to enabling the addition of the RT-AC68U?

The RT-AC68U shall be placed in the main hall and the N66U will be in the room. I would like to know how exactly can i configure them, and yes, I have Static IP.

 

[Stefan1200]

Has someone FTP performance issues on USB drives too? With Merlins EM build or with official Version 3.0.0.4.276 I have write speed up to 12 MBytes per second. Now with Version 3.0.0.4.374.4422 I only have 2,3 MBytes per second. That's a big difference.

Yes, I reset the settings of the RT-N66U Router.