The Federal Communications Commission has extended a key waiver allowing certain foreign-made routers, drones, and drone components to continue receiving software and firmware updates in the United States until at least January 1, 2029.
The move comes after growing concerns that millions of already-deployed devices could become cybersecurity risks if manufacturers were suddenly blocked from issuing security patches and compatibility updates. The decision was announced through the FCC’s Office of Engineering and Technology (OET), which also expanded the scope of the waiver to cover additional software-related changes needed to maintain device functionality.
Security concerns forced a regulatory rethink
The extension follows a broader FCC crackdown that added certain foreign-produced routers and unmanned aerial systems to the agency’s “Covered List” in late 2025 and early 2026 over national security concerns. Those restrictions effectively blocked new approvals and limited post-certification modifications for affected devices.
Initially, existing waivers would have allowed updates only until 2027. However, regulators later acknowledged that cutting off software support entirely could create a bigger problem by leaving devices exposed to vulnerabilities, cyberattacks, and compatibility failures.
The updated waiver now permits critical firmware and software updates for previously authorized devices, even though the products themselves remain subject to broader restrictions. The FCC emphasized that the policy does not reverse the bans or remove affected products from the Covered List.
Why consumers should pay attention
For everyday users, the decision matters because routers and drones depend heavily on ongoing software support to remain secure and functional. Routers in particular act as gateways for home networks, connecting phones, laptops, smart TVs, cameras, and other internet-enabled devices. Without security patches, known vulnerabilities can become easier targets for hackers.
The FCC’s extension effectively gives consumers more time before worrying about their devices becoming unsupported or obsolete. It also reduces the risk of millions of products suddenly losing compatibility with future operating systems, networks, or connected services.
What happens next
While the waiver offers temporary relief, it also highlights the growing tension between national security policy and practical cybersecurity needs. Regulators are now expected to spend the next few years developing a more permanent framework governing foreign-made networking equipment and drones.
For manufacturers, the message remains mixed: existing products can continue receiving critical updates, but future approvals for foreign-made devices will likely face tighter scrutiny and more restrictive oversight in the years ahead.
