Apple has released a firmware upgrade to fix a remotely exploitable security issue in the AirPort Extreme Base Station.
The flaw, publicly known since April, could allow remote attackers to adversely affect network performance," Apple said in an advisory.
The skinny (CVE-2007-2242):
A design issue exists in the IPv6 protocol's handling of type 0 routing headers. Depending on network topology and capacity, the reception of specially crafted IPv6 packets may lead to a reduction in network bandwidth. This update addresses the issue by disabling the support for type 0 routing headers.
Mac OS X users are still waiting for a fix for a months-old flaw affecting Apple’s Java runtime.