Apple fixes Heartbleed flaw in its Airport Base Stations

airport-base-stationAlong with its iOS and OS X updates, Apple today also released a patch for its 2013 AirPort Extreme and Time Capsule models, reports Macworld. The firmware update fixes the Heartbleed OpesSSL flaw that was discovered earlier this month and affects both websites and internet hardware like Apple’s most recent AirPort Base Station models.

The AirPort Base Station Firmware Update 7.7.3 is available only for the latest AirPort Extreme and Time Capsule versions that were released in June 2013. This update fixes a flaw that impacts Airport devices that have the Back to My Mac feature enabled. The flaw does not compromise Apple ID passwords, but would allow access to router or computer login screens via a man-in-the-middle attack.

The firmware update provides a fix for the recent OpenSSL vulnerability for the latest generation of 802.11ac enabled AirPort Extreme and AirPort Time Capsule base stations (June 2013). This vulnerability only impacts recent Airport devices that have the Back to My Mac feature enabled. Customers with previous generation AirPort Extreme and AirPort Time Capsules do not need to update their base stations.

AirPort owners who have enabled the Back to My Mac feature are strongly encouraged to patch the Heartbleed flaw by running the firmware update as soon as possible. AirPort owners who own an older model or have a new model without Back to My Mac enabled are not advised to apply the update as those hardware configurations are not affected by this vulnerability.

Like this post? Share it!

Categories: Apple News