A more comprehensive solution would be to have Internet service providers block the port used by UPnP to discover devices over the Internet. However, ISPs are unlikely to take such a step without pressure from customers.
On Tuesday, the U.S. Computer Emergency Readiness Team, part of the Department of Homeland Security, advised consumers and businesses to disable UPnP.
Device manufacturers have been criticized before for failing to quickly patch vulnerabilities. Makers of Android tablets and smartphones are notoriously slow at distributing updates of the Google mobile platform. As a result, Android has become a primary target for mobile malware.
Sign up for CIO Asia eNewsletters.