Apple Inc. has released a fix for its wireless networking hub to prevent attackers from gaining access to information stored on a linked computer.
The software upgrade for Apple's AirPort Extreme Base Station with 802.11n addresses a flaw that permitted incoming connections through the Wi-Fi hub, and another security hole that would let attackers see files on a password-protected machine.
Only versions of the hub using the draft version of the 802.11n wireless networking standard would require the firmware, or operating software, upgrade.
In an advisory issued Tuesday about Apple's version 7.1 firmware upgrade, Danish internet security firm Secunia gave the vulnerabilities a rating of "less serious," the second-lowest on its five-point scale.
Attackers routinely try to gain access to computers over the internet by scanning for open connections that they can use to enter a system. Most home internet routers have a built-in firewall that rejects incoming connections.
In contrast, the previous instalment of the hub's firmware was set to allow connections through a newer version of the standard on which the internet operates, called IPv6 (internet protocol version 6). It did not offer users a way to block or reject incoming IPv6 connections. Incoming IPv4 connections are rejected by default.
Only people on the same local network could exploit the flaw that permitted filenames on a password-protected AirPort disk to be viewed, Apple said.
The security update is available for download from Apple's website.
