-------- Original message --------From: jim bell <[email protected]> Date: 6/22/17 11:20 AM (GMT-08:00) To: g2s <[email protected]>, [email protected] Subject: Re: CIA Inside... Linksys routers. Advisory issued
From: g2s <[email protected]> http://www.linksys.com/us/support-article?articleNum=263800 from that url >Linksys issues security advisory following discovery of CIA exploitation >Solution >If users believe their router firmware may have been compromised, Linksys >recommends that users download the latest available firmware from >http://www.linksys.com/support/ and update your router. >After the update, please perform a factory reset to ensure no remnants of the >compromise remain. Instructions on how to do a factory reset can be found >here. If users are not able to perform a firmware update or receive an error >message during the update, please contact customer support for further >instructions. Linksys Official Support - Linksys CherryBlossom Advisory----------------- It isn't clear, but I don't see any indication that these remedial processes actually inform the owner of the router if it has been compromised. Is that an accidental omission, or intentional? Jim Bell Might have a look at the dox attached to the wikileaks page. Linksys is probably just mass patching any possible infected routers and the "whether or not" isn't relevant to the process...imho. Rr >https://wikileaks.org/vault7/#Cherry%20Blossom
