Apple releases AirPort Base Station update with security fixes

AppleInsider

Apple on Thursday issued an AirPort Base Station firmware update to close a handful of security holes related to remote hacks, memory leaks and user data deletion.

Apple's AirPort Base Station Firmware Update 7.9.1 includes fixes for eight identified bugs impacting AirPort Extreme and AirPort Time Capsule base station hardware with 802.11ac connectivity.

Among the resolved security issues is a bug that allowed a remote attacker to leak memory through an errant out-of-bounds read capability.

Three denial of service issues were addressed in the patch, two of which could be triggered remotely through faulty code. The third involved a similar denial of service attack carried out by a bad actor in a privileged position. The problems were resolved through improved input validation and memory handling.

A null pointer dereference and a "use after free" issue were cited in a remote attack that could enabled a hacker to run code on a targeted device, while a separate issue allowed source-routed IPv4 packets to be unexpectedly accepted.

Finally, the update addresses an issue that left some some user information on a base station after performing a factory reset.

AirPort updates have been few and far between since Apple officially discontinued the line of branded wireless routers in 2018. The company last pushed out new software in 2017 to deal with the "KRACK Attack" vulnerability.

Apple's AirPort update can be performed through the AirPort Utility on Mac or iOS.

bobolicious

...hope springs eternal Apple will reintroduce this harware option in an upgraded version, at a base level adding USB3, and for pro use a 10GB enet option - what am I missing... ?

chasm

Apple does need to re-introduce AirPorts with full encryption, carrier privacy, and other security features, as well as updating to the current standards.

Soli

I'm with others that I'd pay well for an Apple mesh router system that had my privacy and security in mind. I'd even like to see Apple offer up their own DNS and VPN services from the router that keeps everything on your LAN away from those that wish to exploit your data, even if technically legal.

PS: Why does my Mac have to show me every WiFi SSID it can find? It should know that I'm likely looking for a particular one(s). Have those show up first and then increase the drop down to the other 50 around me that are printers, personal hotspots, and WiFi that are far away.

apple tree

Kudos to Apple for supporting discontinued hardware. I'll keep using them for as long as they are functional.

plovell

apple tree said:

Kudos to Apple for supporting discontinued hardware. I'll keep using them for as long as they are functional.

Amen to that. I bought an extra to have as a spare (still in the shrinkwrap). And an extra Express too since that's what I use for music throughout the house.

libertyandfree

I love my AirPort Extreme it’s the best router I have ever owned (still going strong after 4 years) and really hope Apple jumps back into the airport hardware business with an updated router.  

jdw

I love my white tower router, so I'm pleased about this update.  I tried other routers and found setup a horrid nightmare, which is why I bought the white tower.  Works very well and so easy to setup and maintain!  Crying shame they discontinued it.

christophb

They should buy or OEM Ubiquiti.

Japhey

AirPort will be back, but it will be integrated into next generation Apple TV’s, iMac’s, HomePod’s, and other unreleased future devices. But right now it’s all about the Mac Pro. Once that’s released I think Apple’s vision of the smart home will start to come into focus. 

sflocal

It pleases me that Apple still keeps the firmware current.

Id love to see them back into production and also use them as HomeKit hubs.

Crossing fingers.

mdoss

I do not see the update. Maybe this is a phased release and it will show up in a day or two, I hope.

Cheers

commentzilla

I just bought another Airport Time Capsule. I had a Netgear R8000 and it had excellent range but just about everything else sucked: admin access would freeze weekly. Time Machine on the Netgear was totally unreliable: regular volume corruption, stayed unmounted after reboot, etc.

Apple Airport / Airport Time Capsule is easily the best router I've owned.

macgui

I just installed an NOS/NIB Tower of Router. It came with firmware 6.9.x, I think. I updated to 7.7.1 or something, and today I updated again, to 7.9.1. I can't tell any difference, but that's ok by me.

Like Hue light bulbs, Apple could make a router 'hub' (the tower would be a nice place to start) and then install a mesh counterpart in desktops and HomePods. Standalone mesh units would be available for poor people who couldn't afford more than Mac or a HomePod.  And yeah, a built-in VPN would be great. And I too think we'll see Apple routers again.

AppleZulu

Still doesn't make sense to me that Apple backed out of this category just as they're trying to build out HomeKit as the private and secure smart home option. I usually feel like I can track with Apple's logic for what they do and don't prioritize. This one doesn't track.

imagladry

Did anyone else have a problem with the update? Airport Utility said the update failed and the basestation disappeared from my WiFi list. A WiFi diagnostic came up and that appeared to fix the problem.I was truly hoping that i didn’t end up with a boat anchor of a now unsupported piece of hardware.

sflocal

commentzilla said:

I just bought another Airport Time Capsule. I had a Netgear R8000 and it had excellent range but just about everything else sucked: admin access would freeze weekly. Time Machine on the Netgear was totally unreliable: regular volume corruption, stayed unmounted after reboot, etc.

Apple Airport / Airport Time Capsule is easily the best router I've owned.

Prior to buying my first Airport router, I went through countless of netgears, d-links, linksys, etc..  they all sucked for reasons you mentioned, and then some.

Turns out (no surprise) that these vendors screwed consumers by abandoning superior Japanese-made capacitors in exchange for cheap, Chinnese-made junk capacitors that would go bad after less than a year of use.

This is why I prefer Apple.  Their routers are the best made units on the market.  Top-quality materials and built like a tank.  Sure, it's not as "fancy" as what the competition has but most people will never have a need to get into the guts of their router. 

I hope Apple one day gets back into the router/mesh game.  They really need to show the competition how it's done.

chasm

I should add that although I now use an 802.11ac router supplied by my internet provider. I keep an Airport Express in my "presentation kit" when I do presentations to groups. Connect it to the ethernet and voila! A solid, dependable router that works flawlessly with AirPlay and doesn't suffer "lockdowns" the host company has put on their own Wi-Fi network (like blocking AirPlay, for example). Best router I have ever owned, bar none.

normm

imagladry said:

Did anyone else have a problem with the update? Airport Utility said the update failed and the basestation disappeared from my WiFi list. A WiFi diagnostic came up and that appeared to fix the problem.I was truly hoping that i didn’t end up with a boat anchor of a now unsupported piece of hardware.

Same thing happened to me (I think the error number was -19), and then after a little while everything was fine and the router was showing the latest firmware.

Christos S

If you care for user privacy, you create a VPN and DNS service, instead of TV and News apps.

sevenfeet

commentzilla said:

I just bought another Airport Time Capsule. I had a Netgear R8000 and it had excellent range but just about everything else sucked: admin access would freeze weekly. Time Machine on the Netgear was totally unreliable: regular volume corruption, stayed unmounted after reboot, etc.

Apple Airport / Airport Time Capsule is easily the best router I've owned.

My Netgear R8000 does the same thing.  Thought it was just me.