Apple posts iSync security fix

Apple on Tuesday released Security Update 2005-004, an update intended to correct a security problem in its iSync 1.5 software. The software is available for download from Apple's Web site and from the Software Update system preference pane. The update patches iSync 1.5 on Mac OS X v10.2.8 and Mac OS X v10.3.x.

According to Apple, the update patches "mRouter," an iSync helper tool. Under certain circumstances, explained Apple, a buffer overflow vulnerability in mRouter could result in the execution of arbitrary command by local system users.