List Of Apple Products Affected By Broadpwn
Article ID = 178Article Title = List Of Apple Products Affected By Broadpwn
Article Author(s) = Graham Needham (BH)
Article Created On = 21st July 2017
Article Last Updated = 4th September 2017
Article URL = https://www.macstrategy.com/article.php?178
Article Brief Description:
A list of Apple hardware products that could potentially be affected by the Broadpwn security breach along with details of which products can be protected/updated, plus instructions on how to protect/update them.
What Is "Broadpwn"?
Broadpwn (CVE-2017-9417) is a nasty, easy to exploit security breach affecting some Wi-Fi chips manufactured by Broadcom i.e. the BCM4354, 4358 and 4359 series. More details about Broadpwn:CVE-2017-9417 at Common Vulnerabilities and Exposures
CVE-2017-9417 at National Vulnerability Database (NVD)
Broadpwn briefing at Black Hat USA 2017
Apple Products That Contain Broadcom 43xx Chips
Q. Which Mac do I have?
A. You can check "Processor", "Memory" and macOS/OS X/Mac OS X "Version" by going to Apple menu > About This Mac > Overview tab if necessary (hint - clicking on the version number will give you the "build" number).A. To check your Mac's "Model Name" go to Apple menu > About This Mac > Overview tab if necessary > check for the computer name in the top line e.g. "MacBook Pro" (this can only be checked with OS X 10.7 or later)
A. To check your Mac's model date version go to Apple menu > About This Mac > Overview tab if necessary > check the details after the Model Name e.g. "Early 2015" (this can only be checked with OS X 10.7 or later) - to be more specific and exact you can check what "Model Identifier" your Mac has by:
- If you are running Mac OS X 10.6 or earlier go to Apple menu > About This Mac > click the "More Info…" button > (the System Profiler application will open) select "Hardware" in the top left > check what it says for 'Model Identifier' on the right.
- If you are running OS X 10.7 or OS X 10.8 go to Apple menu > About This Mac > click the "More Info…" button > (the System Information application will open) select "Hardware" in the top left > check what it says for 'Model Identifier' on the right under 'Hardware Overview'.
- If you are running OS X 10.9 or later go to Apple menu > About This Mac > click the "Overview" tab in the top left > click the "System Report…" button > (the System Information application will open) select "Hardware" in the top left > check what it says for 'Model Identifier' on the right under 'Hardware Overview'.
- If you are running Mac OS X 10.6 or earlier go to Apple menu > About This Mac > click the "More Info…" button > (the System Profiler application will open) select "Graphics/Displays" under 'Hardware' in the top left (click the triangle down if necessary) > click on the 'Video Card' on the right to see the technical information below.
- If you are running OS X 10.7 or OS X 10.8 go to Apple menu > About This Mac > click the "More Info…" button > (the System Information application will open) select "Graphics/Displays" under 'Hardware' in the top left (click the triangle down if necessary) > click on the 'Video Card' on the right to see the technical information below.
- If you are running OS X 10.9 or later go to Apple menu > About This Mac > click the "Overview" tab in the top left > click the "System Report…" button > (the System Information application will open) select "Graphics/Displays" under 'Hardware' in the top left (click the triangle down if necessary) > click on the 'Video Card' on the right to see the technical information below. With OS X 10.11 or later here you will also find whether your GPU supports "Metal".
Product listing updated 10th August 2017 + 5th September 2017 with David Empson's testing information posted on MacInTouch.
- The following products cannot (currently) be updated to be protected against Broadpwn and it is unknown if they are vulnerable.
- Airport Time Capsule (all models)
- Airport Extreme (all models)
- Airport Extreme (5th generation) BCM4331
- The following products cannot (currently) be updated to be protected against Broadpwn but due to age appear to be immune to attack as the hardware does not support the Wi-Fi feature that has the vulnerability. Apple has made no official statement whether these products are vulnerable or not - use them with extreme caution on Wi-Fi!
- TV (original)
- TV (2nd generation) BCM43xx
- TV (3rd generation) BCM4330
- iPhone 1 to 4
- iPhone 4s BCM4330
- iPad 1 BCM43xx
- iPad 2 BCM43xx
- iPad 3 BCM4330
- iPad Mini BCM4334 - however, this model is vulnerable to CVE-2017-6975 which is fixed in 10.3.1 or later and this is an OS that is not supported on this device - use it with extreme caution on Wi-Fi!
- iPod touch BCM43xx
- iPod touch (2nd generation) BCM43xx
- iPod touch (3rd generation) BCM4339
- iPod touch (4th generation) BCM43xx
- iPod touch (5th generation) BCM4334 - however, this model is vulnerable to CVE-2017-6975 which is fixed in 10.3.1 or later and this is an OS that is not supported on this device - use it with extreme caution on Wi-Fi!
- iMac 20"/24" Mid 2007 BCM43xx
- iMac 20"/24" Early 2008 BCM43224
- iMac 20"/24" Early 2009 BCM43224
- iMac 20" Early Mid 2009 BCM43224
- iMac 21.5"/27" Late 2009 BCM43224
- Macbook 13" Aluminium Late 2008 BCM43xx
- Macbook 13" Mid 2009 BCM43224
- Macbook 13" Late 2009 BCM43xx
- Macbook Air Late 2008 BCM43xx
- Macbook Air Mid 2009 BCM43xx
- Macbook Pro 15"/17" Late 2007 BCM43xx
- Macbook Pro 15"/17" Early 2008 BCM43224
- Macbook Pro 15"/17" Late 2008 BCM43224
- Macbook Pro 17" Early 2009 BCM43xx
- Macbook Pro 13"/15"/17" Mid 2009 BCM43224
- Mac mini Mid 2007 BCM43xx
- Mac mini Early 2009 BCM43224
- Mac mini Late 2009 BCM43224
- Mac mini Server Late 2009 BCM43224
- Mac Pro (Silver/Cheese Grater) Early 2008 BCM43224
- Mac Pro (Silver/Cheese Grater) Early 2009 BCM43224
- The following products appear to be not susceptible to Broadpwn but if you want to be absolutely sure and safe any of these Macs running OS X 10.10 or 10.11 should be upgraded to macOS 10.12 Sierra to be protected. If they are running OS X 10.9 or earlier they appear to be immune to attack as these earlier versions of OS X do not support the Wi-Fi feature that has the vulnerability. Apple has made no official statement whether these older versions of OS X are vulnerable or not so we recommend, where you can, to upgrade them to macOS 10.12 Sierra as soon as possible! All other Apple products should be updated to their latest relevant available OS to be protected, just in case.
- iPhone 5 BCM4334 Murata 339S0171
- iPhone 5 BCM4334
- iPhone 5c BCM4334
- iPhone 5s BCM4334
- iPad 4 BCM4334
- iPad Air BCM43xx
- iPad Mini 2 BCM43xx
- iPad Mini 3 BCM43xx
- iMac 21.5"/27" Mid 2010 BCM43xx
- iMac 21.5"/27" Mid 2011 BCM4331
- iMac 21.5" Late 2011 BCM43xx
- Macbook 13" Mid 2010 BCM43xx
- Macbook Air 11"/13" Late 2010 BCM4360
- Macbook Air 11"/13" Mid 2011 BCM43xx
- Macbook Pro 13"/15"/17" Mid 2010 BCM4331
- Macbook Pro 13"/15"/17" Early 2011 BCM4331
- Macbook Pro 13"/15"/17" Late 2011 BCM4331
- Mac mini Mid 2010 BCM4331
- Mac mini Server Mid 2010 BCM4331
- Mac mini Mid 2011 BCM4331
- Mac mini Server Mid 2011 BCM4331
- Mac Pro (Silver/Cheese Grater) Mid 2010 BCM4331
- Mac Pro (Silver/Cheese Grater) Server Mid 2010 BCM4331
- Mac Pro (Silver/Cheese Grater) Mid 2012 BCM4331
- Mac Pro (Silver/Cheese Grater) Server Mid 2012 BCM4331
- The following products are definitely susceptible to Broadpwn. Macs running OS X 10.10 or 10.11 must be upgraded to macOS 10.12 Sierra to be protected. If they are running OS X 10.9 or earlier they appear to be immune to attack as these earlier versions of OS X may not support the Wi-Fi feature that has the vulnerability. Apple has made no official statement whether these older versions of OS X are vulnerable or not - use these Macs with extreme caution on Wi-Fi and if you can, upgrade them to macOS 10.12 Sierra as soon as possible! All other Apple products must be updated to their latest relevant available OS to be protected.
- Watch BCM4334
- iPhone SE BCM43xx
- iPhone 6/6+ BCM4334 Murata 339S0228 or possibly BCM4339 Murata LBEH5HMZPC
- iPhone 6s/6s+ BCM4350 USI 339S00043
- iPhone 7/7+ BCM4354(?) Murata 339S00199
- iPad 5 BCM43xx
- iPad Air 2 BCM43xx
- iPad Mini 4 BCM43xx
- All iPad Pros BCM43xx
- iPod touch (6th generation) BCM43xx
- iPod touch (7th generation) BCM43xx
- iMac 21.5"/27" Late 2012 BCM4360
- iMac 21.5" Early 2013 BCM43xx
- iMac 21.5"/27" Late 2013 BCM4360
- iMac 21.5" Mid 2014 BCM43xx
- iMac 27" Retina 5K Late 2014 BCM43xx
- iMac 27" Retina 5K Mid 2015 BCM43xx
- iMac 21.5" Retina 4K/27" Retina 5K Late 2015 BCM4360
- iMac 21.5" 2017 BCM43xx
- iMac 21.5" Retina 4K/27" Retina 5K 2017 BCM43xx
- Macbook Retina 12" Early 2015 BCM43xx
- Macbook Retina 12" Early 2016 BCM4360
- Macbook Retina 12" 2017 BCM43xx
- Macbook Air 11"/13" Mid 2012 BCM4360
- Macbook Air 11"/13" Mid 2013 BCM4360
- Macbook Air 11"/13" Early 2014 BCM43xx
- Macbook Air 11"/13" Early 2015 BCM4360
- Macbook Air 13" 2017 BCM43xx
- Macbook Pro 13"/15" Mid 2012 BCM4331 or BCM4360?
- Macbook Pro 13"/15" Retina Mid/Late 2012 BCM4331 or BCM4360
- Macbook Pro 13"/15" Retina Early/Late 2013 BCM4360
- Macbook Pro 13"/15" Retina Mid 2014 BCM4360
- Macbook Pro 13"/15" Retina Early/Mid 2015 BCM4360
- Macbook Pro 13"/15" Touch Bar 2016 BCM4360
- Macbook Pro 15" 2016 BCM4360
- Macbook Pro 13"/15" Touch Bar 2017 BCM4360
- Macbook Pro 15" 2017 BCM4360
- Mac mini Late 2012 BCM4360
- Mac mini Server Late 2012 BCM4360
- Mac mini Late 2014 BCM4360
- Mac Pro (Black) Late 2013 BCM4360
- Administrator level users will be able to re-enable Wi-Fi at any time.
- Booting into the startup manager (Option or Alt key) automatically re-enables Wi-Fi temporarily.
- Booting into recovery mode automatically re-enables Wi-Fi temporarily.
- Booting from an alternate OS (OS X 10.11 or earlier) including external devices may re-enable Wi-Fi while booted from that alternate OS.
- Reinstalling macOS / OS X may re-enable Wi-Fi.
How Can I Check What Chip My Apple Mac Computer Has?
Go to Apple menu > About This Mac > click "System Report…" > select "Wi-Fi" under 'Network' on the left > on the right check what it says for "Firmware Version" > this will list the Wi-Fi chip > if it states "Broadcom BCM43xx" your Mac needs to be secured (see below).How Do I Secure My Apple Product?
Apple released iOS 10.3.3, macOS 10.12.6, tvOS 10.2.2 and watchOS 3.2.3 on 19th July 2017 - all these updates containApple Mac Computers
Q. How can I tell which version of macOS / OS X / Mac OS X I am running?
A. Go to Apple menu (top left) > About This Mac > check the version reported for macOS / OS X / Mac OS X.If you haven't already upgraded, upgrade to macOS 10.12.
If you are already running macOS 10.12, update to macOS 10.12.6 or later.
If you are running BootCamp, install the Wi-Fi Update for Boot Camp 6.1 (run the Apple Software Update application within Windows to install it).
Apple iOS Devices (iPhone/iPad/iPod touch)
If you haven't already upgraded, upgrade to iOS 10.If you are already running iOS 10, update to iOS 10.3.3 or later.
Apple TV (4th generation models only)
update to tvOS 10.2.2 or later.Apple Watch
update to watchOS 3.2.3 or later.If You Cannot Upgrade/Update Your Apple Product
Your only option is to switch off Wi-Fi:Apple Mac Computers
Go to Apple menu > System Preferences > Network > select Wi-Fi on the left and click the "Turn Wi-Fi Off" button on the right.
NOTES:
Apple iOS Devices (iPhone/iPad/iPod touch)
Go to Settings app > Wi-Fi > turn Wi-Fi OFF.
Apple TV
There is no way to do this in software - but plugging in an ethernet cable to a working network would appear to disable Wi-Fi.
Apple Watch
All affected Apple Watches can be updated to watchOS 3.2.3 or later - so patch now!
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
Go to this
web page
to donate to us.
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
Go to this
web page
to donate to us.
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
Go to this
web page
to donate to us.
