As reported by Infosecurity late last week, security researcher Paul Mutton caused a stir by revealing in his blog that the Thomson modems could be susceptible to a cross site scripting (XSS) security flaw similar to the one affecting websites.
In a notice issued late Friday, O2 said it was planning to release a fix for the XSS security problem to its modem users.
"Having been notified of a potential security issue with our O2 wireless box we have been working to find a solution. We have taken this issue very seriously and have been continuing to investigate it with the router's manufacturer, Thomson", said O2.
"As a result we have identified a solution and we will be applying this remotely to all of our customers' O2 wireless boxes. This means that customers will not have to take any action themselves", O2 added.
On Saturday morning, meanwhile, Plusnet - which issues a customised version of the Thomson modem to its subscribers, said "it had been made aware of a potential [XSS] security vulnerability in the Thomson 4-port wireless router we supply."
"Although we don't believe that any of our customers have been affected, and that the potential risk is extremely low, we are issuing instructions on how you can further protect your router", said the note from Nick Dodds, Plusnet's customer support manager.
"We are advising our customers, whether you have a 585v7, or any other model of router, to change the default 'router admin' username and password."
Plusnet has issued instructions on how to change the password on the Thomson routers on its website to overcome the XSS problem.