Apple Fixes AirPort Router Flaw

Apple released an update yesterday that patches a nine-month-old security hole in AirPort routers. The security updates are available for AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n; also updated are AirPort Extreme and AirPort Time Capsule base stations with 802.11ac.

Apple is not disclosing much information about the flaw but wrote in a support document that “a memory corruption issue existed in DNS data parsing. This issue was addressed through improved bounds checking.” Apple said that the flaw allows a remote attacker to execute arbitrary code.

 
The flaw was discovered in January by a user named Alexandre Hélie from Montreal, according to the Canadian website TVA Nouvelles. You can follow these instructions to update the firmware on your AirPort routers.