Apple Security Advisory 2014-04-22-4
Posted by deepcore on April 24, 2014 – 9:57 am
Apple Security Advisory 2014-04-22-4 – AirPort Base Station Firmware Update 7.7.3 is now available and addresses a security issue. An out-of-bounds read issue existed in the OpenSSL library when handling TLS heartbeat extension packets. An attacker in a privileged network position could obtain information from process memory. This issue was addressed through additional bounds checking. Only AirPort Extreme and AirPort Time Capsule base stations with 802.11ac are affected, and only if they have Back to My Mac or Send Diagnostics enabled. Other AirPort base stations are not impacted by this issue.
Post a reply
You must be logged in to post a comment.