Apple patches Heartbleed vulnerability in latest AirPort Extreme, Time Capsule update
AppleInsider Staff
In response to the Heartbleed kerfuffle, Apple on Tuesday rolled out a firmware update for all 2013 AirPort Extreme and AirPort Time Capsule models that protects affected units from the OpenSSL vulnerability.
As noted by MacWorld, the firmware update that went live earlier today is specifically designed for Apple's latest AirPort products launched in June 2013.
In a statement provided to the publication, Apple said:
The firmware update provides a fix for the recent OpenSSL vulnerability for the latest generation of 802.11ac enabled AirPort Extreme and AirPort Time Capsule base stations (June 2013). This vulnerability only impacts recent Airport devices that have the Back to My Mac feature enabled. Customers with previous generation AirPort Extreme and AirPort Time Capsules do not need to update their base stations.
With Back to My Mac enabled, Heartbleed could allow a nefarious user to intercept data packages between a user and an AirPort base station, though Apple IDs and passwords would not be revealed.
Earlier this month, Apple announced iOS, OS X and key Web services were not affected by Heartbleed as the products did not incorporate the flawed software.
Mike Wuerthele
Malcolm Owen
Chip Loder
William Gallagher
Christine McKee
Michael Stroup
