“At least one program is in circulation that can hijack a key component of Windows Update to introduce malicious software that could be used to hijack a computer,” The Beeb reports. “The method bypasses users’ firewall, allowing files to download undetected. Microsoft said it was aware of reports of the attack.”
MacDailyNews Take: Mediocresoft is aware, but they don’t give a sheet. They’re too busy counting every copy of Vista they’ve ever inflicted upon the world and shouting the total from the rooftops in yet another attempt to keep the sheep on the farm. For numbers are all they have; they have no other advantage – none whatsoever. Malwaresoft knows that if they lose the numbers, well, there goes the farm. And they’re quite aware there’s long been a Tiger in sheep’s clothing lurking around and a Leopard getting dressed for action soon.
The Beeb continues, “Security expert Frank Boldewin said on his website reconstructer.org that he had recently noticed an e-mailed trojan – a type of program or message that looks benign but conceals a malicious payload – which was exploiting a Windows program known as the Background Intelligent Transfer Service (BITS).
“BITS is used by Microsoft to download security patches and updates to Windows machines. Because it is part of the operating system, it is able to bypass local firewalls while it downloads,” The Beeb reports. “Mr Boldewin found the trojan was piggybacking on BITS to download malicious files… Microsoft recommended that anybody who thought they may have been infected with the Jowspry trojan should visit Windows Live OneCare safety scanner.”
MacDailyNews Take: Once again, Mafiasoft leads their sheep to slaughter. Related article: Microsoft’s Live OneCare ‘security’ failureware: dead last in test of 17 Windows security apps – March 07, 2007
Full article here.
[Thanks to MacDailyNews Reader “Animac” for the heads up.]