Sonos - fixes Airborne vulnerability
Finally! It took them over a month but at least it is fixed.
Good news: Sonos has released a fix for the Airborne vulnerability. While I’m not thrilled that they rarely provide detailed patch notes, support has confirmed the issue is resolved.
Here’s what I’ve done on my network as a precaution:
Moved all Sonos, Roku, and TV devices to a dedicated IoT VLAN. Only authorized devices can see them now.
As a bonus, guests can no longer hijack the music or volume when visiting — which I appreciate.
Apple TV remains on the main network so guests can still use AirPlay to cast to the Apple devices, and nothing else. I trust Apple’s security more than third-party vendors using their APIs, especially given the long delays in patching.
Disabled AirPlay on all non-Apple devices (Roku and TVs) since we use Apple TV anyway — it’s safer this way.
Kept all Apple devices fully patched and applied security settings I mentioned in earlier posts.
This setup might be overkill for some, and yes, configuring networks for Sonos and AirPlay can be a pain. But it’s working well here so far, and it feels a lot more secure.


