Apple Releases AirPort Extreme and Time Capsule Firmware Update 7.7.3 With Heartbleed Fix

airport_utility_iconApple today released AirPort Extreme and AirPort Time Capsule Firmware Update 7.7.3 for AirPorts with 802.11ac. The update includes security improvements related to SSL/TLS.

AirPort Base Station Firmware Update 7.7.3
Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac

Impact: An attacker in a privileged network position may obtain memory contents

Description: An out-of-bounds read issue existed in the OpenSSL library when handling TLS heartbeat extension packets. An attacker in a privileged network position could obtain information from process memory. This issue was addressed through additional bounds checking. Only AirPort Extreme and AirPort Time Capsule base stations with 802.11ac are affected, and only if they have Back to My Mac or Send Diagnostics enabled. Other AirPort base stations are not impacted by this issue.

Earlier this month, an OpenSSL bug known as Heartbleed made headlines, with Apple releasing a statement noting that iOS, OS X, and its "key web services" were unaffected by the security flaw, but it appears that the company's AirPort Extreme and AirPort Time Capsule were vulnerable.

The 7.7.3 update is recommended for all models of the AirPort Extreme and Time Capsule that support 802.11ac Wi-Fi, other AirPort base stations do not need to be updated.

Related Forum: Networking

Popular Stories

Apple CarPlay Ultra instrument cluster themes 01

Apple's CarPlay Ultra Is Here – Does Your iPhone Support It?

Thursday May 15, 2025 5:17 am PDT by
Apple's recently announced CarPlay Ultra promises a deeply integrated in-car experience, but not all iPhone users will be able to take advantage of the new feature. According to Apple's press release, CarPlay Ultra requires an iPhone 12 or later running iOS 18.5 or later. This means if you're using an iPhone 11, iPhone XR, or any older model, you'll need to upgrade your device to access...
Apple CarPlay Ultra instrument cluster themes 01

Apple's 'CarPlay Ultra' Experience Now Available

Thursday May 15, 2025 5:07 am PDT by
Apple today announced that its next-generation CarPlay experience, now dubbed "CarPlay Ultra" begins rolling out today, starting with Aston Martin vehicles. Subscribe to the MacRumors YouTube channel for more videos. CarPlay Ultra is now available with new Aston Martin vehicle orders in the U.S. and Canada. It will also be available for existing models that feature the brand's next-generation ...
CarPlay Ultra Climate Controls

Apple Says These Vehicle Brands Plan to Offer All-New CarPlay Ultra

Thursday May 15, 2025 8:13 am PDT by
Apple today announced the launch of CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. CarPlay Ultra features deep integration with a vehicle's instrument cluster and systems, built-in Radio and Climate apps, customizable widgets, and more. The interface is tailored to each vehicle model and automaker's identity, and drivers can also adjust...
iPhone 12 Made in India

Trump Tells Tim Cook to Stop Building iPhones in India

Thursday May 15, 2025 2:21 am PDT by
President Donald Trump has asked Apple CEO Tim Cook to halt the company's manufacturing expansion in India, in a potential disruption of Apple's plan to shift iPhone production away from China. "I had a little problem with Tim Cook yesterday," Trump said during his state visit to Qatar, according to Bloomberg. "He is building all over India." "They [India] have offered us a deal where...
apple music

Apple Music Gets New Transfer Tool to Make Switching From Spotify Easier

Wednesday May 14, 2025 5:17 pm PDT by
Apple this week introduced a new feature designed to allow prospective Apple Music users to import their saved music and playlists from third-party music services to Apple Music. The feature is either in an expanded testing phase or it has started rolling out, and it is available in Australia and New Zealand according to an Apple Support document. Signs of the transfer option first surfaced...
maxresdefault

Here's the First Real-World Look at Apple's CarPlay Ultra

Thursday May 15, 2025 5:52 am PDT by
The first videos of Apple's CarPlay Ultra experience are now available, providing a never-before-seen look at the long-anticipated iPhone-linked infotainment software. British automaker Aston Martin today shared the first video of Apple's CarPlay Ultra experience in-action, followed by a detailed walk-through of the CarPlay Ultra system on Top Gear's YouTube channel, which provides the...
vision pro video recording

WSJ: Some Apple Vision Pro Buyers 'Feel Total Regret'

Friday May 16, 2025 7:43 am PDT by
Apple's Vision Pro headset has left many early adopters expressing dissatisfaction over its weight, limited use cases, and sparse software ecosystem, according to a new article from The Wall Street Journal. In the year following the device's launch, user feedback suggests that it has failed to meet expectations for comfort, software support, and social acceptance. In interviews conducted by T...

Top Rated Comments

iNosey Avatar
145 months ago
Hmm airport express not affected?
Let me let you answer that. Does the AirPort Express use 802.11ac? No. Do you even read the article?
Score: 7 Votes (Like | Disagree)
coolfactor Avatar
145 months ago
"APPLE SUX! HAHAHAHA"

No, seriously, I wonder how many other routers out there are vulnerable to this and yet will never receive firmware updates because they are too difficult to install, unlike Airport routers?

I wonder if this vulnerability is unique to Airport routers because of the Back to the Mac feature that requires user credentials to stored in order to operate correctly?
Score: 6 Votes (Like | Disagree)
PsyOpWarlord Avatar
145 months ago
This is something I was also wondering, I just checked and their does not seem to be any updates for them. Hopefully they are not affected.
Did you read the article?

Only AirPort Extreme and AirPort Time Capsule base stations with 802.11ac are affected, and only if they have Back to My Mac or Send Diagnostics enabled. Other AirPort base stations are not impacted by this issue.
Score: 5 Votes (Like | Disagree)
Ralf The Dog Avatar
145 months ago
well what do you expect ?
more than a week to figure out that a product is linked with a faulty lib !!
Perhaps they don't read news :p
Good job Apple

Step 1, Find the bug.
Step 2, Fix the bug.
Step 3, Test the fix.
Step 4, Test the fix.
Step 5, Test the fix.
Step 6, Test the fix.
Step 7, Release the fix.
Score: 5 Votes (Like | Disagree)
csixty4 Avatar
145 months ago
No. It's the SSL bug, which has nothing to do with AC vs N.

There's a good chance the firmware for 802.11n routers was never updated to use OpenSSL 1.0.1, which is where the "Heartbleed" bug was introduced. OpenSSL 0.98 and 1.0.0 were actively maintained in separate branches and had security patches back-ported. As long as the older routers didn't need the new features introduced in 1.0.1, it would be silly to upgrade the firmware just to upgrade.
Score: 4 Votes (Like | Disagree)
rudigern Avatar
145 months ago
There is nothing to test, because it has been tested ad nauseum by thousands of people worldwide.

You don't do software development do you. Firmware is especially fragile because if it doesn't work, you could have all your customers lined out the front of your store with bricked Airports.
Score: 4 Votes (Like | Disagree)