BroadPwn Exploit

CheMillan

macrumors member
Original poster
Jan 5, 2015
88
35
Los Angeles
Hello,

The Wi-Fi Broadcom firmware version of my 2013 iMac is: Broadcom BCM43xx 1.0 (7.15.166.24.3).
My iMac has Yosemite 10.10.5, Safari 10.1.2, and Security Update 2017-003 installed. I would like to know if my iMac is vulnerable to the BroadPwn exploit. Thanks
 

inaka

macrumors 6502
Apr 26, 2010
361
2
Hello,

The Wi-Fi Broadcom firmware version of my 2013 iMac is: Broadcom BCM43xx 1.0 (7.15.166.24.3).
My iMac has Yosemite 10.10.5, Safari 10.1.2, and Security Update 2017-003 installed. I would like to know if my iMac is vulnerable to the BroadPwn exploit. Thanks
Yes, your iMac is vulnerable to the BroadPwn exploit.
That security update did not address the BroadPwn exploit.
There is currently no "fix" for that specific exploit for Mac OS X 10.11 or earlier, other than turning off Wifi.
 

cynics

macrumors G4
Jan 8, 2012
11,554
1,871
Any reason in particular you are sticking with Yosemite? I understand the "if it ain't broke" mentality but in my experience Yosemite was the worst performing OSX release the 2013 iMac had.
[doublepost=1501111198][/doublepost]
Yes, your iMac is vulnerable to the BroadPwn exploit.
That security update did not address the BroadPwn exploit.
There is currently no "fix" for that specific exploit for Mac OS X 10.11 or earlier, other than turning off Wifi.
BTW, do you have a source for this? Yosemite security update 2017-003 was released from Apple the same day they patched the exploit in the rest of their line up.
 

chrfr

macrumors G3
Jul 11, 2009
9,250
3,205
BTW, do you have a source for this? Yosemite security update 2017-003 was released from Apple the same day they patched the exploit in the rest of their line up.
It's right in the security notes for the update. The wifi patch only applies to 10.12.6.
Available for: macOS Sierra 10.12.5

Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip

Description: A memory corruption issue was addressed with improved memory handling.
Notice how 10.10.5 and 10.11.6 are not mentioned in the "available for" section.
From https://support.apple.com/en-us/HT207922
 
  • Like
Reactions: cynics
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.