Apple has removed a critical vulnerability in AirPort base stations
Apple periodically releases firmware updates AirPort base station to improve the performance and functionality of the device. In the latest update, the company has eliminated dangerous vulnerability that could allow attackers to execute arbitrary code.
As reported by Securitylab, the company released a security Bulletin that notifies you that the firmware update for AirPort base stations. According to the description of the vulnerability in the Bulletin, error CVE-2015-7029 exists in code responsible for handling DNS packets. The attacker can remotely using a specially crafted DNS response to cause a buffer overflow and execute arbitrary code on the target system.
The vulnerability affects an AirPort Express base station, AirPort Extreme routers and network access points AirPort Time Capsule with support for 802.11 n, AirPort Extreme base station and AirPort Time Capsule that support 802.11 ac.
Apple strongly recommends that you install the latest firmware version 7.6.7 or 7.7.7 utility AirPort Utility 6.3.1 for OS X, or AirPort Utility 1.3.1 for iOS. Firmware update AirPort set only when the program is run AirPort Utility: you must select a base station and upgrade it.