A new security update from Apple addresses two flaws in the company's Airport Extreme wireless hubs.
The patch only affects the latest 802.11n base stations. 802.11n-equipped notebooks, desktops, and earlier model Airport base stations are not affected.
The more serious of the two vulnerabilities could allow a hacker to access a network and carry out remote attacks. By default, some systems were not configured to block incoming IPv6 traffic, allowing for unsolicited connections to be made without the user's knowledge.
The second of the two vulnerabilities lies within the Airport disk component. This allows for a USB storage device to be connected to the base station and added to the wireless network. If exploited, the vulnerability could allow an attacker to view filenames on the USB disk. The attacker would not, however, be able to open any files or applications.
Macintosh wireless networking components has been the subject of several vulnerability reports in recent months. Last August, a pair of researchers on a MacBook Pro using a 3rd-party networking card.
In November, security researcher HD Moore www.vnunet.com that targeted older Macs. Apple patched Airport-specific vulnerabilities in www.vnunet.com and www.vnunet.com.
The latest Airport update can be downloaded from Apple's support site.
Apple patches 802.11n Airports
By Shaun Nichols on Apr 11, 2007 12:15PM