If you own an Asus router, you should update the firmware to protect against critical vulnerabilities right now

pcgamer.com:

Asus is recommending users update the firmware on some of its most popular routers in order to address critical security vulnerabilities. The updates include fixes or mitigations for nine security vulnerabilities. 

According to Bleeping Computer, the CVE-2022-26376 and CVE-2018-1160 vulnerabilities are the most worrisome. The first is a memory corruption vulnerability that could let attackers launch DoS attacks or even execute code. It carries a critical 9.8/10 severity rating according to the NIST's National Vulnerability Database.  

The second is a five-year-old vulnerability with the same 9.8/10 critical rating. It too can allow an attacker to execute code. Both methods place the router at risk of becoming part of a botnet or used for all kinds of nefarious purposes.

The list of affected models follows: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400. 

Best VR headset: which kit should you choose?Best graphics card: you need serious GPU power for VRBest gaming laptop: don't get tied to your desktop in VR

Asus clearly believes these are significant issues. «Please note, if you choose not to install this new firmware version, we strongly recommend disabling services accessible from the WAN side to avoid potential unwanted intrusions. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger,» Asus said on its Product Security Advisory webpage.

In other words, turn off your internet. Eek.

An unpatched router will be at risk of being turned into a botnet zombie, which can then be used to carry out a variety of scummy actions including Denial