Apple Patches KRACK Hole

Wednesday, December 13, 2017 @ 12:12 PM gHale


Apple released firmware updates for its 802.11n and 802.11ac AirPort products to fix security issues.

AirPort Base Station firmware update 7.6.9 is now available for AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n, and AirPort Base Station firmware update 7.7.9 is out for AirPort Extreme and AirPort Time Capsule base stations supporting the more advanced 802.11ac wireless standard.

RELATED STORIES
Apple Releases OS Fix
Apple Patches KRACK Holes
Mac Backdoor Released by Media Player
Apple Silently Patches OS Hole

Four security vulnerabilities ended up patched in the AirPort Base Station 7.6.9 and 7.7.9 firmware updates, including the KRACK Wi-Fi security vulnerability.

The KRACK (Key Reinstallation Attacks) vulnerability was disclosed two months ago by security researcher Mathy Vanhoef of the imec-DistriNet group at KU Leuven, and it could allow an attacker in the range of the Wi-Fi network to intercept any communication and expose sensitive information like credit card details or passwords.

The AirPort Base Station 7.7.9 firmware update for AirPort Extreme and AirPort Time Capsule base stations with 802.11ac also patches a memory corruption issue discovered by Nitay Artenstein of Exodus Intelligence, which could allow an attacker within the range of the wireless network to execute arbitrary code on the Wi-Fi chip.

Apple said it addressed the KRACK Wi-Fi vulnerability with improved state management, and the memory corruption issue with improved memory handling.



Leave a Reply

You must be logged in to post a comment.