Millions of Smart TVs, Phones and Routers At Risk From Old Vulnerability

itwbennett writes: Adding fuel to the growing concern over how manufacturers of devices such as routers and smart TVs deal with security vulnerabilities that emerge in their products, Trend Micro found that a 3-year-old vulnerability in a software component used in millions of smart TVs, routers and phones still hasn't been patched by many vendors. Although a patch was issued for the component in December 2012, Trend Micro found 547 apps that use an older unpatched version of it, wrote Veo Zhang, a mobile threats analyst on the Trend Micro blog. 'These are very popular apps that put millions of users in danger; aside from mobile devices, routers, and smart TVs are all at risk as well,' he wrote.

Re:This is one reason I don't use smart TV apps

My 2009-era "Smart" TV (read: TV with UPnP, DLNA, and wired ethernet, no apps) got exactly one software update. That software update did the following:
1) Disabled the "maintenance" menu
2) Disabled further updates
3) Blew the soft-fuse to prevent anyone from hard-hacking the two disabled features back.

Any vulnerabilities it had in early 2010 when that update was rolled out are baked in and are not ever going to change.

Since it can't be patched, and since the DLNA rendering client is downright fecal in its uselessness, I don't allow it to connect to my network anymore.

(For reference, it's a Samsung LN52B700, which is a North American, 2009-model, 52", LCD with CCFL backlight, Series 7 TV. Mine came from Newegg and has a white LED power indicator, as opposed to the Best Buy exclusive red LED version, which had a model number ending in 710. Because price-match guarantees are universally bullshit.)