Security fix released for Apple AirPort Extreme Base Station

Update fixes Apple Filing Protocol vulnerability that could let a maliciously crafted AFP request cause file sharing to become unresponsive.

Robert Vamosi Former Editor

As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

See full bio

Robert Vamosi

March 20, 2008 12:02 p.m. PT

Apple released on Wednesday a security update for the AirPort Extreme Base Station with 802.11n.

The Firmware 7.3.1update addresses the Apple Filing Protocol (AFP) vulnerability detailed in CVE-2008-1012.

Apple said there is an input validation issue in the way AirPort Extreme Base Station validates AFP requests. A maliciously crafted AFP request may cause file sharing to become unresponsive. This issue does not affect Time Capsule or AirPort Express.

The update for the Fast Ethernet version of Airport Extreme and the Gigabit Ethernet editions is available on from Apple support. Earlier this week Apple released an update for its Safari browser, along with an ominbus security update for Mac OS X.

Apple credits Alex deVries for reporting the AFP vulnerability.