Computerworlduk has published an article about a hack that bypasses firewalls in Windows’ Update feature.

The technology named (BITS) Background Intelligent Transfer Service made its debut in Windows XP operating system and it is also included in Windows Server 2003 and the new Windows Vista.

“It’s a very nice component and if you consider that it supports HTTP and can be programmed via COM API, it’s the perfect tool to make Windows download anything you want. Unfortunately, this can also include malicious files,” said Elia Florio who is one of the researchers at Symantec’s security response team.

“It is novel. Attackers are leveraging a component of the operating system itself to update their content. But the idea of bypassing firewalls isn’t new,” added Oliver Friedrichs who is the director of the team.

Source: COMPUTERWORLDUK