![]() Instead, two months later, he was invited to Cupertino to interview for a job on the team that tests the core operating system before it’s put into production, the interview says. Helie is quoted that he was hopeful of receiving a monetary reward from Apple for his findings, but Apple has no bounty program. Apple patched the vulnerability with the release of firmware versions 7.6.7 and 7.7.7 for AirPort Express, Extreme, and Time Capsule base stations with. Helie was a university student in Quebec when he found the original flaws in Apple’s operating system, the interview said. Helie, 21, is from Quebec, Canada, and according to a January interview on Canadian television, he was hired by Apple after privately disclosing three vulnerabilities. This update improves the stability and performance of your base station. remote configuration on AirPort Base Stations upgraded with the firmware included in the AirPort 4.2 updater. The vulnerability has been around since 2015 (CVE-2015-7029) and was disclosed by Apple’s Alexandre Helie. Firmware update 7.7.7 is recommended for all AirPort Extreme and AirPort Time Capsule base stations with 802.11ac. To check which AirPort Base station firmware revision you currently. Users are recommended to use AirPort Utility, which is a free download from the App Store, version 6.3.1 or later on OS X or AirPort Utility 1.3.1 or later on iOS to upgrade to the correct firmware version. It’s unknown whether the vulnerability has been exploited publicly, but Apple did say that an attacker could remotely run arbitrary code using this flaw.ĭNS parsing issues are particularly serious because an attacker who can insert himself onto the device could be able to intercept and redirect traffic. content of AirPort Base Station Firmware Update 7.6.7 and 7.7.7 by Apple Last. “This issue was addressed through improved bounds checking.”Ī request to Apple for further comment was not answered prior to publication. NETGEAR plans to release production firmware updates that fix the remote. “A memory corruption issue existed in DNS data parsing,” Apple’s advisory reads. Apple has released firmware updates for AirPort Extreme and AirPort Time Capsule base stations with 802. ![]() Last night, Apple released an advisory warning users of the AirPort Express, AirPort Extreme and AirPort Time Capsule base stations that a new firmware was available-AirPort Base Station Firmware Update 7.6.7 and 7.7.7-and should be applied immediately. Apple is keeping typically tight-lipped about a remote code execution vulnerability it patched in its AirPort router firmware. CVE-2019-8581: Lucio Albornoz AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: A remote attacker may be able to cause a system denial of service Description: A null pointer dereference was addressed with improved input validation.
0 Comments
Leave a Reply. |