• On TV.com: Sexy summer bodies photo gallery
March 20, 2008 9:23 AM PDT

Security fix released for Apple AirPort Extreme Base Station

by Robert Vamosi

Apple released on Wednesday a security update for the AirPort Extreme Base Station with 802.11n.

The Firmware 7.3.1 update addresses the Apple Filing Protocol (AFP) vulnerability detailed in CVE-2008-1012.

Apple said there is an input validation issue in the way AirPort Extreme Base Station validates AFP requests. A maliciously crafted AFP request may cause file sharing to become unresponsive. This issue does not affect Time Capsule or AirPort Express.

The update for the Fast Ethernet version of Airport Extreme and the Gigabit Ethernet editions is available on from Apple support. Earlier this week Apple released an update for its Safari browser, along with an ominbus security update for Mac OS X.

Apple credits Alex deVries for reporting the AFP vulnerability.

As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.
Topics:

Security

Tags:

Security,

Apple,

Airport Extreme,

AFP

Share:
Digg
Del.icio.us
Reddit
advertisement
Click here!
Recent posts from Defense in Depth
Window Snyder to leave Mozilla
How to handle ID fraud's youngest victims
Is white listing going mainstream?
How Live OneCare changed the antivirus landscape
Express Scripts clients threatened with extortion
Study: DDoS attacks threaten ISP infrastructure
Security expert talks Russian gangs, botnets
Extortion used in Express Scripts database breach
Related
Add a Comment (Log in or register)
Update
by jelloburn March 20, 2008 11:00 AM PDT
I know Apple released a new update that enables a USB HDD
plugged into an Airport Extreme being usable as a Time Machine
drive and that was released through software update. Is this the
same one?

If it is, this is the most biased reporting I have ever read.
Reply to this comment
yeah, that's it
by Dalkorian March 21, 2008 10:03 AM PDT
http://www.macworld.com/article/132613/2008/03/airporttime.h
tml

It would be fair to mention that the update mentioned the security
improvements, but seemed to ignore the functionality
improvement. It may not necessarily be Robert's fault.
advertisement

Making sense of Windows 7 upgrades

faq The basics and the fine print on Microsoft's options for those eyeing the next operating system from Redmond.
• Full Windows 7 coverage

Road Trip 2009: Big Sky Country

CNET News reporter Daniel Terdiman takes his car full of gadgets to the Rockies and the Great Plains in search of tech, science, nature, and more.
• America's Fortress: Cheyenne Mountain

About Defense in Depth

Covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews of the top security researchers, as well as offering the hands-on, nontechnical advice you'll need to stay safe online.

Add this feed to your online news reader

Defense in Depth topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET