Apple releases Security Update 2005-004

Hot on the heels of Mac OS X 10.3.9, Apple has released Security Update 2005-004, which fixes buffer overflow in iSync could lead to local privilege escalation.

Apple's description reads "The iSync helper tool mRouter contains a buffer overflow vulnerability. This could result in the execution of arbitrary commands as root by local system users. Security Update 2005-004 fixes this issue by providing a patched version of mRouter. Credit to Braden Thomas for reporting this issue.

Security Update 2005-004 is available either through Software Update, or as a standalone, 1 MB Web download.

If you are having any problems with the new release, please let us know.

Resources