Apple Patches KRACK with AirPort Firmware Updates

KRACK WPA2 WiFi security flaw

Apple released a pair of AirPort firmware updates to patch the KRACK vulnerability on Tuesday. AirPort Base Station Firmware Update 7.6.9 was released for AirPort base stations with 802.11n, while AirPort Base Station Firmware Update 7.7.9 was released for older AirPort base stations that support 802.11ac.

KRACK is a vicious vulnerability that affected WiFi devices far and wide. It allowed attackers to potentially get even encrypted data going over a network.

KRACK WPA2 WiFi security flaw
KRACK flaw makes WPA2 hackable on any WiFi network

Patch Notes for AirPort Base Station Firmware Update 7.7.9

AirPort Base Station Firmware

Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

AirPort Base Station Firmware

Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

AirPort Base Station Firmware

Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

Patch notes for AirPort Base Station Firmware Update 7.6.9

AirPort Base Station Firmware

Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

AirPort Base Station Firmware

Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks – KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

You can download the updates through AirPort Utility on either iOS or macOS.

4 thoughts on “Apple Patches KRACK with AirPort Firmware Updates

  • Apple patched Macs running High Sierra, Sierra, and El Capitan with a security update on the 1st of November to protect against this hack. This latest firmware update protects one if you’re using an Airport Extreme or express with some other brand of computer, I think. Were older Apple routers susceptible to this vulnerability?

  • I’m with Mr Kheit here. Didn’t Apple assert that they/we were safe from the KRACK ? Liar, liar, pants on fire !

    I see that my older AirPort units (the ones that look like laptop chargers) didn’t get an update, and I still use them for connecting non WiFi enabled printers to my home network. Is Apple forgetting that there’s still a lot of them out here in the wild ?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

WIN an iPhone 16 Pro Max!