This article originally appeared in TidBITS on 2017-12-12 at 7:39 p.m.
The permanent URL for this article is:
Include images: Off

AirPort Base Station Firmware Updates 7.6.9 and 7.7.9

by Agen G. N. Schmitz

Apple has released firmware updates for the current AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Wi-Fi [1] (these tower-like models receive Firmware Update 7.7.9), as well as older AirPort Express, AirPort Extreme, and AirPort Time Capsule models with 802.11n Wi-Fi [2] (Firmware Update 7.6.9). Both updates patch the KRACK exploits (see “Wi-Fi Security Flaw Not As Bad As It’s KRACKed Up To Be [3],” 17 October 2017), improving the handling of state transitions to prevent reusing a nonce (aka, Number ONCE, an arbitrary number that can only be used once) in WPA multicast/GTK clients. Update 7.7.9 also addresses a memory corruption issue that enabled an attacker within range to execute arbitrary code on the Wi-Fi chip. You must update your AirPort base station using AirPort Utility on your Mac [4] or an iOS device with Apple’s AirPort Utility app [5] installed. (Free, release notes [6] for 7.6.9, release notes [7] for 7.7.9)