airport_utility_iconApple today released AirPort Extreme and AirPort Time Capsule Firmware Update 7.7.3 for AirPorts with 802.11ac. The update includes security improvements related to SSL/TLS.

AirPort Base Station Firmware Update 7.7.3
Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac

Impact: An attacker in a privileged network position may obtain memory contents

Description: An out-of-bounds read issue existed in the OpenSSL library when handling TLS heartbeat extension packets. An attacker in a privileged network position could obtain information from process memory. This issue was addressed through additional bounds checking. Only AirPort Extreme and AirPort Time Capsule base stations with 802.11ac are affected, and only if they have Back to My Mac or Send Diagnostics enabled. Other AirPort base stations are not impacted by this issue.

Earlier this month, an OpenSSL bug known as Heartbleed made headlines, with Apple releasing a statement noting that iOS, OS X, and its "key web services" were unaffected by the security flaw, but it appears that the company's AirPort Extreme and AirPort Time Capsule were vulnerable.

The 7.7.3 update is recommended for all models of the AirPort Extreme and Time Capsule that support 802.11ac Wi-Fi, other AirPort base stations do not need to be updated.

Related Forum: Networking

Top Rated Comments

iNosey Avatar
iNosey
126 months ago
Hmm airport express not affected?
Let me let you answer that. Does the AirPort Express use 802.11ac? No. Do you even read the article?
Score: 7 Votes (Like | Disagree)
coolfactor Avatar
coolfactor
126 months ago
"APPLE SUX! HAHAHAHA"

No, seriously, I wonder how many other routers out there are vulnerable to this and yet will never receive firmware updates because they are too difficult to install, unlike Airport routers?

I wonder if this vulnerability is unique to Airport routers because of the Back to the Mac feature that requires user credentials to stored in order to operate correctly?
Score: 6 Votes (Like | Disagree)
PsyOpWarlord Avatar
PsyOpWarlord
126 months ago
This is something I was also wondering, I just checked and their does not seem to be any updates for them. Hopefully they are not affected.
Did you read the article?

Only AirPort Extreme and AirPort Time Capsule base stations with 802.11ac are affected, and only if they have Back to My Mac or Send Diagnostics enabled. Other AirPort base stations are not impacted by this issue.
Score: 5 Votes (Like | Disagree)
Ralf The Dog Avatar
Ralf The Dog
126 months ago
well what do you expect ?
more than a week to figure out that a product is linked with a faulty lib !!
Perhaps they don't read news :p
Good job Apple

Step 1, Find the bug.
Step 2, Fix the bug.
Step 3, Test the fix.
Step 4, Test the fix.
Step 5, Test the fix.
Step 6, Test the fix.
Step 7, Release the fix.
Score: 5 Votes (Like | Disagree)
csixty4 Avatar
csixty4
126 months ago
No. It's the SSL bug, which has nothing to do with AC vs N.

There's a good chance the firmware for 802.11n routers was never updated to use OpenSSL 1.0.1, which is where the "Heartbleed" bug was introduced. OpenSSL 0.98 and 1.0.0 were actively maintained in separate branches and had security patches back-ported. As long as the older routers didn't need the new features introduced in 1.0.1, it would be silly to upgrade the firmware just to upgrade.
Score: 4 Votes (Like | Disagree)
rudigern Avatar
rudigern
126 months ago
There is nothing to test, because it has been tested ad nauseum by thousands of people worldwide.

You don't do software development do you. Firmware is especially fragile because if it doesn't work, you could have all your customers lined out the front of your store with bricked Airports.
Score: 4 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 17

iOS 17.2 Will Add These 12 New Features to Your iPhone

Friday December 1, 2023 12:19 pm PST by
iOS 17.2 has been in beta testing for over a month, and it should be released to all users in a few more weeks. The software update includes many new features and changes for iPhones, including the dozen that we have highlighted below. iOS 17.2 is expected to be released to the public in mid-December. To learn about even more features coming in the update, check out our full list. Journal ...
Read Full Article
iOS 16 4 Web Push

Apple Confirms Governments Using Push Notifications to Surveil Users

Wednesday December 6, 2023 5:06 am PST by
Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google's and Apple's servers, a US senator warned on Wednesday (via Reuters). In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from the tech giants to track smartphones. The traffic flowing from apps that send push notifications...
Read Full Article135 comments
airpods pro 2 pink

Apple Releases New AirPods Pro 2 Firmware

Tuesday December 5, 2023 11:28 am PST by
Apple today released new firmware update for both the Lightning and USB-C versions of the AirPods Pro 2. The new firmware is version 6B34, up from the 6B32 firmware introduced in November. Apple does not provide details on what features might be included in the refreshed firmware beyond "bug fixes and other improvements," so it is unclear what's new in the update, but prior software releases ...
Read Full Article76 comments
Beyond iPhone 13 Better Blue

'All-Screen' iPhone Under-Display Camera Enters Development

Wednesday December 6, 2023 2:03 am PST by
Apple's Korean suppliers have begun developing smartphone under-display cameras (UDC), paving the way for the first iPhone with a true "all-screen" appearance. According to The Elec, LG Innotek has entered the preliminary development of the UDC, which sits under the display and does not result in a visible hole in the panel when the camera is not in use. A UDC differs from a typical front ...
Read Full Article104 comments
magsafe blue 2

iOS 17.2 Brings Qi2 Support to iPhone 13 and iPhone 14 Models

Tuesday December 5, 2023 11:04 am PST by
The iOS 17.2 update that Apple is set to release to the public in the near future will bring support for the next-generation Qi2 wireless charging standard to the iPhone 13 and iPhone 14 models. Qi2 was mentioned in the release notes for the RC version of the update that came out today. With the addition of support for the new standard, iPhone 13 and iPhone 14 models will work with Qi2...
Read Full Article32 comments
iphone se 4 modified flag edges

iPhone SE 4 May Reuse Existing iPhone 14 Battery

Wednesday December 6, 2023 1:17 pm PST by
Recently, MacRumors has received details on the battery currently being tested on the upcoming fourth-generation iPhone SE, and the information corroborates previous findings in relation to the device. The iPhone SE 4, known by its device identifier D59, is expected to use the exact same battery found in the base model iPhone 14. Partially assembled prototypes of the next iPhone SE have been ...
Read Full Article81 comments
airpods pro bulbs

Black Friday Prices Return for AirPods Pro 2 With USB-C, iPad, and More

Tuesday December 5, 2023 7:30 am PST by
Today we're tracking a collection of deals that are matching - or nearly matching - the same all-time low discounts we saw during Black Friday. This includes the AirPods Pro 2 with USB-C, 9th generation iPad, and M1 MacBook Air. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the ...
Read Full Article4 comments
instagram messenger

Instagram and Facebook Messenger Chats to Disconnect This Month

Tuesday December 5, 2023 1:57 am PST by
Meta has revealed plans to end Instagram users' ability to chat with Facebook accounts later this month, rolling back a feature that it introduced over three years ago. In September 2020, Meta (then Facebook) announced it was merging its Facebook Messenger service with Instagram direct messaging, allowing Instagram users to chat with Facebook users and vice versa using the same platform....
Read Full Article28 comments