A few moments ago, ASUS announced the availability of a new firmware package compatible with its RT-AC3200 wireless router, namely version 126.96.36.199.380.3479, which fixes XSS and command injection issue, and more.
Specifically speaking, build 380.3479 resolves Samba Badlock CVE-2016-2110 (man-in-the-middle attacks possible with NTLMSSP) and CVE-2016-2111 (NETLOGON Spoofing Vulnerability).
In addition to that, this update also improves Windows Radius server compatibility, 5G performance, Safari response, and AiCloud dynamic stream port mechanism, as well as fixes bandwidth monitor incorrect number problem and AiCloud share link related issues.
Last but not least, ASUS managed to correct the router’s setup wizard redirect behavior, modify the setup wizard process, and fix NTP sync and bandwidth limiter.
Another aspect you should take into account is that the producer ensures its users that CVE-2016-2112 (LDAP client/server don’t enforce integrity), CVE-2016-2118 (SAMR/LSA man in the middle attacks possible), and CVE-2015-5370 (Multiple DCE-RPC code errors) did not affect the router.
Therefore, if you consider upgrading to this version, save and unzip the downloadable archive, establish a wired connection between the router and a computer, and log into its administration page. Afterwards, go to the Firmware Upgrade section, hit “Browse,” navigate and select the newly extracted firmware file, click “Upload,” and wait as the router applies the new firmware.
That said,, apply it to your wireless unit to enjoy these changes, and constantly check our website to be up to speed with the latest releases.