Apple has released a bug fix patch for its 2013 AirPort Extreme and Time Capsule, fixing the OpenSSL ‘Heartbleed’ vulnerability. The update does not apply to the AirPort Express.
Firmware update 7.7.3 is recommended for all AirPort Extreme and AirPort Time Capsule base stations with 802.11ac. It provides security improvements related to SSL/TLS. Other AirPort base stations do not require this firmware update.
Amusingly, when Heartbleed made headlines earlier this month, Apple said that no key software or services were affected. They conveniently forgot to mention that their latest router hardware was susceptible to the flaw.