Security home

 

Home / mailingsPDF  

APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9

Posted on 12 December 2017
Apple Security-announce

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9

AirPort Base Station Firmware Update 7.7.9 is now available and
addresses the following:

AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stations
with 802.11ac
Impact: An attacker within range may be able to execute arbitrary
code on the Wi-Fi chip
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stations
with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
unicast/PTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stations
with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
multicast/GTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

Installation note:

Firmware version 7.7.9 is installed on AirPort Extreme or
AirPort Time Capsule base stations with 802.11ac using
AirPort Utility for Mac or iOS.

AirPort Utility for Mac is a free download from
https://support.apple.com/downloads/ and AirPort Utility for iOS
is a free download from the App Store.

 

TOP

Mailings :

Exploits :