Malware hijacks Microsoft’s Windows Updates

Apple Store“Virus writers may be able to smuggle malicious files onto a computer using Microsoft’s security patch updates, experts say,” BBC News reports.

“At least one program is in circulation that can hijack a key component of Windows Update to introduce malicious software that could be used to hijack a computer,” The Beeb reports. “The method bypasses users’ firewall, allowing files to download undetected. Microsoft said it was aware of reports of the attack.”

MacDailyNews Take: Mediocresoft is aware, but they don’t give a sheet. They’re too busy counting every copy of Vista they’ve ever inflicted upon the world and shouting the total from the rooftops in yet another attempt to keep the sheep on the farm. For numbers are all they have; they have no other advantage – none whatsoever. Malwaresoft knows that if they lose the numbers, well, there goes the farm. And they’re quite aware there’s long been a Tiger in sheep’s clothing lurking around and a Leopard getting dressed for action soon.

The Beeb continues, “Security expert Frank Boldewin said on his website reconstructer.org that he had recently noticed an e-mailed trojan – a type of program or message that looks benign but conceals a malicious payload – which was exploiting a Windows program known as the Background Intelligent Transfer Service (BITS).

“BITS is used by Microsoft to download security patches and updates to Windows machines. Because it is part of the operating system, it is able to bypass local firewalls while it downloads,” The Beeb reports. “Mr Boldewin found the trojan was piggybacking on BITS to download malicious files… Microsoft recommended that anybody who thought they may have been infected with the Jowspry trojan should visit Windows Live OneCare safety scanner.”

MacDailyNews Take: Once again, Mafiasoft leads their sheep to slaughter. Related article: Microsoft’s Live OneCare ‘security’ failureware: dead last in test of 17 Windows security apps – March 07, 2007

Full article here.

[Thanks to MacDailyNews Reader “Animac” for the heads up.]

31 Comments

  1. What about Apple Software Update? I know there are safeguards in place both from Apple and Microsoft to attempt to download & install only legitimate updates. I’m curious- what technically is better about Apple’s method and couldn’t this be exploited as well?

  2. @Brad:

    The difference with Apple’s Software Update, and Mac OS X in general, is that it requires your password to install any software.

    In Microsoft’s case, it’s installing silently, using their tool to bypass security. Apple’s tool doesn’t bypass security, it works with it.

  3. Remember, open-source software is only high quality because it breaches up to 235 of Microsoft’s patents.

    On a related topic, I migrated one of my Windows customers to a new ADSL2+ service yesterday which required changing the IP address of the server’s external network card.

    I did all the right things, including changing all the address references in ISA Server, and yet the server would not deliver web pages.

    After some head-scratching, I noticed an error in the server’s log – no mean feat in a Windows system – that looked suspicious and discovered that, for reasons passing understanding, ISA Server was still listening for web requests on the old IP address.

    So after another thirty minutes of head-scratching and ten minutes of playing with fscking Regedit finding and changing rogue IP references, we have a working server again.

    High quality? Don’t make me laugh.

  4. @brad,
    In short I believe the answer is yes (but not nearly as easily), and I think it’s just a matter of time – And when it happens, of course the press will spin it as the day that OS X lost all credibility whatsoever period. What will need to be remembered is that, when that inevitable day comes the ratio of exploited exploits between VISTA/XP and OS X (any version) will be roughly 144,000:1, respectively. If OS X is ACTUALLY compromised today that’s what the ratio will be, and I’ve got to believe that every day that goes by at least ten more ACTUAL viruses and worms are released into the wild and wooly world of Windows OSes.

    AND, ulike MS, who treats even the most serious viral attacts on its OSes with a shrug of the shoulders, in contrast, when something attacks the Apple OSes, Apple gets very proactive. No tedious enigmatic subscriptions to third party virus solutions, no shoulder shrugging, just action, directly from the developer.

    In a way I wish we’d all lighten up on the finger pointing when it comes to malicious attacks on Windows versus Mac OS, and go back to a more qualitatively focused comparison – It’s only a matter of time before OS X gets hit (and as already stated the press will blow it totally out of proportion). And, the fact that Windows has always had lots of really bad stuff getting through is not our problem, hell, not even MS cares. If the consumer continues to propagate MS Oses by purchasing them, then it’s no one’s fault but the consumer’s. Let the buyer be ware.

    Here’s the real point, stop buying Windows, start demanding OS X and Linux in the workplace.

    Peace

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.