When will they learn...
It has long been known that the way to stop security holes is to not have any services running unless they are absolutely necessary, and then really be on the ball.
Look at Win XP - the number of critical services hacks has been reduced substantially by the default enabling of the firewall in recent times, effectively preventing the services being visible from the net.
Services that are enabled by default are bad news. A router should look stealth on all ports by default, anything else is just begging for someone to start digging.