The Federal Communications Commission announced on Friday, May 8, through its Office of Engineering and Technology (OET), that it was extending temporary waivers allowing certain foreign-produced drones, drone components, and consumer routers to continue receiving software and firmware updates in the United States.

In late 2025 and early 2026, the FCC added these categories of equipment to its “Covered List,” which effectively blocked already-authorized devices from receiving post-approval software and firmware modifications. The agency subsequently issued waivers permitting critical security and functionality updates to continue through January 1, 2027, for drones and drone components, and through March 1, 2027, for consumer routers.

Under the updated waiver, manufacturers of affected devices will now be allowed to continue issuing software and firmware updates until at least January 1, 2029, provided the devices had already been authorized for use in the U.S. before being added to the FCC’s “Covered List.” The extension also broadens the waiver to include certain Class II permissive changes involving software and firmware updates intended to mitigate consumer harm.

Latest Videos From

The decision follows growing concern that a strict enforcement of the restrictions could unintentionally leave millions of existing devices vulnerable to cybersecurity threats, compatibility issues, and operational failures. In practical terms, without the waiver, manufacturers of affected products could have been blocked from deploying even basic security patches and bug fixes once the devices were designated as covered equipment.

The FCC first added foreign-produced unmanned aircraft systems (UAS), UAS critical components, and certain communications equipment to the Covered List in late 2025 as part of broader national security efforts to reduce reliance on potentially risky foreign technology infrastructure. Routers produced in foreign countries were later added to the list in March 2026, except for models that had received conditional approval from the Department of War or the Department of Homeland Security.

The restrictions stem from revisions to FCC equipment authorization rules adopted in October 2025. Those revisions effectively prohibited “permissive changes” to covered equipment — a category that includes software and firmware modifications made after a device has already received certification. While the rules were designed to tighten oversight on high-risk equipment, they also created a difficult dilemma: preventing updates could inadvertently make already-deployed devices less secure over time.

In its notice, the FCC acknowledged that continued software support remains necessary to protect U.S. consumers. The waiver specifically allows updates that maintain device functionality, patch vulnerabilities, and preserve compatibility with changing operating systems and network environments.

Stay On the Cutting Edge: Get the Tom's Hardware Newsletter Get Tom's Hardware's best news and in-depth reviews, straight to your inbox. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

The agency argued that the public interest would be better served by allowing these limited updates rather than freezing software support entirely. According to the FCC, the waiver provides regulators time to consider a more permanent framework while avoiding immediate cybersecurity risks to users currently operating affected devices.

Importantly, the waiver does not reverse the broader restrictions or remove the devices from the Covered List. Instead, it applies only to already-authorized products and to software- and firmware-related changes intended to maintain safe and secure operation. Manufacturers must still comply with other FCC requirements governing permissive changes and equipment certification.

The move highlights the increasingly complex balancing act regulators worldwide face as governments seek to secure communications infrastructure without inadvertently creating new cybersecurity vulnerabilities.

Follow Tom's Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.