Hackers hijack Windows Update’s downloader
Computerworld - Hackers are using the file transfer component used by Windows Update to sneak malware past firewalls, Symantec researchers said today. The Background Intelligent Transfer Service (BITS) is used by Microsoft Corp.’s operating systems to deliver patches via Windows Update. BITS, which debuted in Windows XP and is baked into Windows Server 2003 and Windows Vista, is an asynchronous file transfer service with automatic throttling — so downloads don’t impact other network chores. It automatically resumes if the connection is broken.
“It’s a very nice component, and if you consider that it supports HTTP and can be programmed via COM API, it’s the perfect tool to make Windows download anything you want,” said Elia Florio, a researcher with Symantec’s security response team, on the group’s blog. “Unfortunately, this can also include malicious files.”
OK, there seems to be no solution to this exploit yet. Even if no attacks have been reported yet, the chance that some trojans will appear is quite big now that this announcement has been made. BITS is allowed through most firewalls by default, and that makes this threat a really big one. Until Microsoft comes up with a solution, the best option is to set the update service as not trusted in your firewall application. This lets you get updates by trusting the application only when you are sure it is really getting updates and nothing else.
Read the full story here, at Computerworld, and watch yourself.

