I received an email from email@example.com with the title 'Virgin Media Security Alert -SSDP Vulnerability - Please Read' which seemed almost certain to be a scam, as others on this forum have noted. The letter did not tell me what to do but pointed to virginmedia.com/ssdp. That website was not helpful. I have a SuperHub 2ac and for this the website says go to 192.168.0.1, Advanced Settings>Security>Port Forwarding>Delete 'against any rules that will keep port 1900 open' (there were no rules listed), ditto for Port Triggering. Eventually, I found a forum posting that said I should go to Advanced Settings>UPnP>uncheck box to disable UPnP. I think that has achieved what the letter was asking but it has been a time consuming and frustrating process. The original letter from the security team could have been a lot clearer and more accurate about the steps required.