This is a Fast-Air Tech Talk security notice. The Tech Talk security notice is a free service for all Fast-Air customers. Please suggest security notice topics.

Software vulnerabilities were revealed with Western Digital “My Cloud” network attached storage devices. The My Cloud devices are common consumer data storage devices.

The vulnerabilities include a hard-coded backdoor that is easy to exploit remotely. Unprivileged remote access means anybody can remotely browse files and data stored on affected My Cloud devices to gain sensitive and private information. Remotely exploiting the devices is possible through scripting in a web browser.

WD Patches Backdoor Security Flaw in My Cloud NAS Devices

Western Digital ‘My Cloud’ devices have a hardcoded backdoor

Unpatched My Cloud devices should be disconnected from networks until patched. Firmware patches and respective instructions are available at the Western Digital web site:

Updating the firmware on a My Cloud device

• Author
• Recent Posts

Backwoods Geek

Backwoods Geek wrote his first computer program in 1977. He started using desktop computers in 1982 to write training and job aids. These days his home includes routers, switches, computers, a home theater PC, a laptop, and bluetooth phones. His professional career includes instrumentation and controls, computers, industrial training, technical writing, and teaching computer classes. Pastimes include sitting on the front porch, observing wildlife, cutting firewood, reading, watching movies, and tinkering with computers. He is uncomfortable around morning people until afternoon, likes dry and off-the-wall humor, and usually tells jokes with a straight face. He is a believer in the old adage that, "No matter where you go, there you are."

Latest posts by Backwoods Geek (see all)

• Free Gift Phishing Scams (Notice 2020-001) - January 15, 2020
• Tech Support Phone Scam (Notice 2019-001) - March 14, 2019
• VPNFilter Router Malware (Notice 2018-007) - May 30, 2018