Leo says the problem with new routers is that the software has all sorts of security issues. Since this is the first thing on the network, it's important that it be a secure line of defense.
DD-WRT and Tomato are more secure firmware alternatives to what comes on the router by default. These are both open source, very well written, and are kept up to date. So it is a good idea to replace the router's firmware with DD-WRT, if his router supports it.
There are some slight risks associated with this, however. If the power were to go out during the installation of the firmware, he could brick the router. This isn't that great of risk though, and the payoff would be great. He also should not do this if his router is given to him by his DSL or cable company.