Apple has released an update for Airport Extreme on Intel-based Macs. The update patches a critical security issue and improves connectivity to WEP Open System networks on MacBook Core 2 Duos and MacBook Pro Core 2 Duos. Apple gives us an in-depth look on the security issue:
An out-of-bounds memory read may occur while handling wireless frames. An attacker in local proximity may be able to trigger a system crash by sending a maliciously-crafted frame to an affected system. This issue affects the Core Duo version of Mac mini, MacBook, and MacBook Pro computers equipped with wireless. Other systems, including the Core 2 Duo versions are not affected. This update addresses the issue by performing additional validation of wireless frames. Credit to LMH for reporting this issue.
Apple also gives us details on the overall update.
This update is recommended for all Intel-based Macintosh computers and improves compatibility with AirPort Extreme base stations and networks.
This update includes the content from the AirPort Extreme Update 2007-001, and addresses a security issue as described in:
This update also improves compatibility for the MacBook Core 2 Duo and the MacBook Pro Core 2 Duo when using certain third-party access points configured to use WEP Open System security.
The update can be obtained from Apple's Software Update and Apple's download page.
Recommended Comments