Apple Issues Security Alert

Firm warns on three WiFi driver flaws that could enable Intel and PowerPC hijacks

Apple Inc. (Nasdaq: AAPL) has issued a security alert for flaws in two of the most recent versions of the firm's Airport WiFi driver. The driver flaws may allow attackers on the WLAN network to crash or run code on the victims machine.

The alert says that a range of Apple computers including new machines based on Intel Corp. (Nasdaq: INTC)'s processors are affected by the alert. You can check if your machine is at risk and download patches here.

Apple's WiFi driver security has been an issue of late. At the recent Black Hat security show, SecureWorks Inc. researchers Jon Ellch and David Maynor showed a video demo of a hack using wireless drivers to quickly access a MacBook computer. The two researchers demonstrated how the drivers could be used to establish a connection and seize control of a laptop, even if the laptop was not associated with any WiFi access point. (See Users Eye New 802.11 Security Issues .) They were, however, using a third party driver for the exploit. (See Apple's Core Is Secure.)

In the official alert warning of the trio of potential WiFi hijacks, however, Apple notes that there are no known exploits for these new issues.

Worries about driver flaws in wireless software are not confined to Apple. These problems are becoming much more of an industry-wide issue as more and more devices get unwired. Intel also issued a similar warning about its Centrino WiFi chipset recently. (See Intel's Centrino Vulnerability.) Sprint Nextel Corp. (NYSE: S) says that such flaws are also a concern as it looks to implement a WiMax network across the U.S. in 2008 (See WiMax's Small Steps to Security.)

— Dan Jones, Site Editor, Unstrung