Recently a physical attack vector on the Trezor One hardware wallet was disclosed by a security researched called Sunny, Trezor was quick to release a firmware update 1.6.1 but the researcher realized that another attack vector of the same type was possible so SatoshiLabs released the new firmware update 1.6.3 on the 30th of August.
Trezor comes with a tamper-evident seal and the attack vector only affects tampered devices, so if you bought your Trezor used or if it came with the seal broken, make sure you update the firmware first then set it up. If you’re updating an older Trezor, make sure to have the correct recovery seed on hand as you’ll need it to set it up.
The newest firmware verifies the authenticity of the bootloader in the device. The bootloader checks the signature of the firmware. If both are genuine, your device will not display a warning, and therefore your Trezor is safe to use.
SatoshiLabs published several updates for the trezor wallets.
The update includes support for BitcoinCash’s cashaddr, Zcash’s overwinter update and a few extra cryptocurrencies added to both wallets, the Trezor One and Trezor Model T now supports Lisk, Bitcoin Private, Vertcoin, Viacoin and Zcoin among others with support for more ethereum clones like Callisto and EthereumSocial.
Anyone running the old firmware version 1.6.1 for the Trezor One is urged to update as fast as possible, the update will wipe your memory so make sure you have your recovery seed first!