The U.S. Computer Emergency Readiness Team recently advised the public to disable Universal Plug and Play (UPnP) features that have not been updated. A UPnP allows computers to automatically identify and communicate with certain equipment such as printers, media players and routers through an open network.
Between 40 and 50 million devices that were vulnerable to attach have been discovered. Flaws could allow hackers to access confidential files, obtain passwords, and remotely access UPnP devices. Fixes are available.
For the Department of Homeland Security’s vulnerability notice, click here.