The flaw could allow hackers to execute malicious code on affected devices Apple has released firmware updates for its AirPort wireless base stations in order to fix a vulnerability that could put the devices at risk of hacking. According to Apple security, the flaw is a memory corruption issue stemming from DNS (Domain Name System) data parsing that could lead to arbitrary code execution. The company released firmware updates 7.6.7 and 7.7.7 for AirPort Express, AirPort Extreme and AirPort Time Capsule base stations with 802.11n Wi-Fi, as well as AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Wi-Fi. The AirPort Utility 6.3.1 or later on OS X or AirPort Utility 1.3.1 or later on iOS can be used to install the new firmware versions on AirPort devices, the company said in an advisory. As is typical for Apple security announcements, the company did not release details about possible exploitation scenarios and did not assign a severity rating for the flaw. However “arbitrary code execution,” especially through a remote vector like DNS, is as bad as it can possibly get for a vulnerability. What is not clear is whether the data parsing issue is in the DNS server or DNS client functionality. A router like AirPort can serve as a local DNS resolver for devices on a network. This means that it receives DNS queries from computers and passes those queries upstream through the global Internet DNS chain. On the other hand, routers also act like DNS clients, asking other DNS servers on the Internet to resolve host names. If the error is in the parsing of queries received from LAN computers, it would limit the attack to the local network. Whereas, if the flaw is in the parsing of DNS responses, it could be exploited remotely. When a DNS client asks a server to resolve a domain name, the query is eventually passed to one of the Internet’s 13 so-called root DNS servers — in reality clusters of servers. Those servers indicate the authoritative DNS server for the queried domain name and it’s that authoritative server that replies with the requested information. Attackers could register rogue domain names and configure the authoritative DNS server for them to respond with specifically crafted data that would exploit the flaw. They would then have to trick a computer from behind an AirPort router to send a DNS query for one of their domain names, for example by tricking a user to click on a link. Another unknown is the privilege with which attackers would execute malicious code if this flaw is successfully exploited. If the code is executed under the root account, it could lead to a full device compromise. By controlling an AirPort device, attackers could launch various attacks against local network computers. They could hijack search queries, insert rogue ads into Web pages and even direct users to malicious websites when they try to access legitimate ones. Giving the potentially serious impact of this vulnerability and the fact that DNS is a critical service that can’t be easily disabled, users are advised to install the updated firmware as soon as possible. Related content news Gartner: AI to drive 10% jump in spending on data center systems Global IT spending is on track to exceed $8 trillion before 2030, Gartner says. By Michael Cooney Apr 17, 2024 3 mins Data Center news 2024 global network outage report and internet health check ThousandEyes tracks internet and cloud traffic and provides Network World with weekly updates on the performance of ISPs, cloud service providers, and UCaaS providers. By Ann Bednarz Apr 17, 2024 35 mins Internet Service Providers Network Management Software Cloud Computing news analysis Broadcom changes VMware pricing amid customer backlash and EU questioning President and CEO Hock Tan made an appeal to customers and partners of the former virtualization software provider in an effort to stave off criticism. By Elizabeth Montalbano Apr 16, 2024 4 mins Virtualization Data Center Networking brandpost Sponsored by HPE Aruba Networking Harnessing the power of the AI/5G inflection point Enterprises and telco operators are preparing their networks for profound innovations to come. By David Stark, Vice President and General Manager, Telco Solutions, HPE Aruba Networking Apr 16, 2024 7 mins Artificial Intelligence PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe