3Likes
LinkBack URL
About LinkBacksApple has released new firmware updates for its AirPort Express, AirPort Extreme, and AirPort Time Capsule. The update 7.7.9 is for 802.11ac base stations; 7.6.9 is available for 802.11n base stations. You can manually update your AirPort devices opening the AirPort Utility on macOS or iOS. Just select your AirPort device and click Update.
After over two months, today’s updates finally bring fixes to several security issues, including the devastating KRACK vulnerabilities. KRACK can allow attackers to exploit WPA2 protocol to decrypt network traffic and essentially read everything, including passwords. More details about KRACK and Broadpwn are available in our earlier posts.
AirPort Base Station Firmware Update 7.6.9 and 7.7.9
Apple has now released the security notes for today’s releases. Here’s everything that has been addressed with today’s security updates.
"AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven"
AirPort Base Station Firmware Update 7.7.9 fixes one additional security bug:
"AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-9417: Nitay Artenstein of Exodus Intelligence"
Torrent Invites! Buy, Trade, Sell Or Find Free Invites, For EVERY Private Tracker! HDBits.org, BTN, PTP, MTV, Empornium, Orpheus, Bibliotik, RED, IPT, TL, PHD etc!
Results 1 to 1 of 1
-
12-13-2017 #1sednaGuest
Apple fixes KRACK vulnerability with today’s AirPort firmware updates
Reply With Quote
