Firmware-update: Apple AirPort Base Station 7.9.1

Apple heeft nieuwe firmware vrijgegeven voor het AirPort Base Station. Het apparaat controleert zelf eens per week of er een update beschikbaar is en laat vervolgens het oranje lampje knipperen. Het installeren van de nieuwe firmware moet wel handmatig gebeuren. Om dit te doen moet de gebruiker AirPort Utility starten, op Update Firmware klikken en de aanwijzingen opvolgen. In uitgave 7.9.1 zijn de volgende veranderingen en verbeteringen doorgevoerd:

About AirPort Base Station Firmware Update 7.9.1

Firmware update 7.9.1 improves the security of your base station and is recommended for all AirPort Extreme and AirPort Time Capsule base stations with 802.11ac.

About the security content of AirPort Base Station Firmware Update 7.9.1

• A remote attacker may be able to leak memory - An out-of-bounds read was addressed with improved input validation. CVE-2019-8581
• A remote attacker may be able to cause a system denial of service - A null pointer dereference was addressed with improved input validation. CVE-2019-8588
• A remote attacker may be able to cause a system denial of service - A denial of service issue was addressed with improved validation. CVE-2018-6918
• A remote attacker may be able to cause arbitrary code execution - A use after free issue was addressed with improved memory management. CVE-2019-8578
• A base station factory reset may not delete all user information - The issue was addressed with improved data deletion. CVE-2019-8575
• An attacker in a privileged position may be able to perform a denial of service attack - A denial of service issue was addressed with improved memory handling. CVE-2019-7291
• Source-routed IPv4 packets may be unexpectedly accepted - Source-routed IPv4 packets were disabled by default. CVE-2019-8580
• A remote attacker may be able to cause arbitrary code execution - A null pointer dereference was addressed with improved input validation. CVE-2019-8572