After an update for newer devices with 802.11ac technology now, the 802.11n base stations are tuned. A quick import is advisable.
A few months ago, Apple had fixed a total of eight vulnerabilities in its WLAN products, some of which could be exploited remotely. At that time, however, only newer models with 802.11ac wireless technology were covered. Now, the group turns to owners of older devices, whose hardware, as it turns out were also affected. The new AirPort Firmware 7.8.1 updates AirPort Express, AirPort Extreme Setup, and AirPort Time Capsule with 802.11n support.
Remote attacks disable routers
According to the leaflet, the AirPort software of the 802.11n devices contains all eight bugs that Apple also fixed in the 802.11ac models. Accordingly, the older models were three weeks without a patch for already publicly known errors. When the new firmware 7.9.1 for the 802.11ac devices – Setup AirPort Extreme 802.11ac and AirPort Time Capsule 802.11ac – was released, there was no indication whether the 802.11n models were also affected and whether Apple plans an update. Why the updates did not appear simultaneously is also unclear.
According to Apple, a total of eight security bugs have now been fixed just as with the 802.11ac models. Three are denial-of-service attacks that can disable the device – two of which are remotely exploitable. Furthermore, it was possible to read memory areas remotely and even execute remote code due to two bugs (use-after-free problem and zero pointer dereference).
Device not completely deleted
In addition, there were difficulties with source-routed IPv4 packets that were unwantedly accepted; also a potential attack surface. Apple also found that resetting the routers to their original state did not erase all data, as would be expected – so it could happen that the original owner was left with hardware sold to third parties. Whether this represented a concrete data protection problem is unknown; Details are missing so far.
Users should install the new AirPort firmware 7.8.1 as soon as possible. This is done as usual via the AirPort utility on the Mac. Apple has not been selling Reset AirPort Extreme hardware since last year – Wi-Fi products have been removed from the program without replacement after being left un-updated for a long time. However, the hardware is durable and should still be in use with some users.
With this new update, these old routers will definitely have better security features, which in turn will benefit those who are using these devices. If you are using AirPort Express, AirPort Extreme and AirPort Time Capsule and haven’t had a chance to get the update, then you should contact AirPort help and support providers for all the assistance regarding getting the new update.