Apple issues Heartbleed bug fix for AirPort base stations

Firmware update repairs vulnerability in two AirPort base station models related to a major flaw in OpenSSL.

large-hero-heartbleed.jpg

Apple released a firmware update Tuesday to address a vulnerability related to the Heartbleed bug found in its most recent AirPort Extreme and AirPort Time Capsule base stations.

The update, dubbed AirPort Base Station Firmware Update 7.7.3, repairs a vulnerability in the OpenSSL library that could allow an attacker to initiate a man-in-the-middle attack to intercept data, Apple said in a statement Tuesday. The only AirPort base stations affected by the bug are the AirPort Extreme and AirPort Time Capsule base stations with 802.11ac with Back to My Mac or Send Diagnostics enabled.

Used to keep prying eyes out of online communications, SSL, or Secure Sockets Layer, is one of the most basic forms of encrypting Internet traffic. A major vulnerability in open-source software called OpenSSL revealed earlier this month could expose the contents of a server's memory, which includes private data such as usernames, passwords, and credit card numbers.

While the bug's revelation immediately sent sites and services across the Internet into patch mode, Apple said its Web site was in the clear and that it never used the vulnerable software in its desktop and mobile operating systems.

Apple's routers aren't the only networking gear found to be affected by the bug. Cisco Systems and Juniper Networks issued advisories earlier this month that several of their networking products were vulnerable to the flaw.

(Via Macworld)

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Want affordable gadgets for your student?

Everyday finds that will make students' lives easier: chargers, cables, headphones, and even a bona fide gadget or two!