“Virus writers may be able to smuggle malicious files onto a computer using Microsoft’s security patch updates, experts say,” BBC News reports.
“At least one program is in circulation that can hijack a key component of Windows Update to introduce malicious software that could be used to hijack a computer,” The Beeb reports. “The method bypasses users’ firewall, allowing files to download undetected. Microsoft said it was aware of reports of the attack.”
MacDailyNews Take: Mediocresoft is aware, but they don’t give a sheet. They’re too busy counting every copy of Vista they’ve ever inflicted upon the world and shouting the total from the rooftops in yet another attempt to keep the sheep on the farm. For numbers are all they have; they have no other advantage – none whatsoever. Malwaresoft knows that if they lose the numbers, well, there goes the farm. And they’re quite aware there’s long been a Tiger in sheep’s clothing lurking around and a Leopard getting dressed for action soon.
The Beeb continues, “Security expert Frank Boldewin said on his website reconstructer.org that he had recently noticed an e-mailed trojan – a type of program or message that looks benign but conceals a malicious payload – which was exploiting a Windows program known as the Background Intelligent Transfer Service (BITS).
“BITS is used by Microsoft to download security patches and updates to Windows machines. Because it is part of the operating system, it is able to bypass local firewalls while it downloads,” The Beeb reports. “Mr Boldewin found the trojan was piggybacking on BITS to download malicious files… Microsoft recommended that anybody who thought they may have been infected with the Jowspry trojan should visit Windows Live OneCare safety scanner.”
MacDailyNews Take: Once again, Mafiasoft leads their sheep to slaughter. Related article: Microsoft’s Live OneCare ‘security’ failureware: dead last in test of 17 Windows security apps – March 07, 2007
Full article here.
[Thanks to MacDailyNews Reader “Animac” for the heads up.]
Where’s that guy who was calling me ignorant because I submitted the story of the first vulnerability discovered for Vista – on the first day it was released? According to him, I’m an ignorant loser because I didn’t recognize that Vista is much more secure than OS X.
I think he called himself “Truth”. Ironic, isn’t it?
@Gandalf
You are so correct. I remember back in the days of NT and Novell, the Novell guys were always pointing out that NT could be faster but it ran stuff at Ring 0 or 1, whatever kernal access is, and that made NT more prone to crashing.
Novell on the other hand had strict ring enforcement and nothing touched the kernal. So yes a little slower but much more stable.
Most likely the same with OS X
Sorry, I thought the title meant that Windows Update had been hacked so that it wouldn’t release updates and patches. That would be pure evil – nice try patching that one and getting it to all 40,000<strike>,000</strike> users, Muckrosoft.
Oh well. I guess I stand corrected.
But I’m also surprised that there is no “Microsoft Genuine Advantage” with Windows Update. You know, so you can be sure that the little demons you’re about to welcome aboard are approved by yours untruly in Redmond.
@ clyde
The more people hear that the ‘most secure variant of Windows’ can be breached and compromised, the more of them may head to the Apple Store instead of WalMart or Best Buy when it’s time to buy a new computer.
Best Buy sells Macs in some stores, but for some reason promote Vista way more. So you’re okay there.
MW: million … how many? 22?
Oh, sorry, that’s OS X.
” width=”19″ height=”19″ alt=”smile” style=”border:0;” />
Best Buy sells Macs in some stores, but for some reason promote Vista way more. So you’re okay there.
Should’ve said:
Best Buy sells Macs in some stores, but for some reason promotes Vista way more. So you’re okay there.
I stand corrected.
MW: service … and how about you, Dell?
In all fairness, this is kind of a strange warning. Read the details – you have to be already infected with the trojan in order for it to exploit BITS. The “hijack” is something that’s already happened.
>”In all fairness, this is kind of a strange warning. Read the details – you have to be already infected with the trojan in order for it to exploit BITS. The “hijack” is something that’s already happened.”
Finally someone gets it – You already have to have opened a malicious email attachment or file (and are thus already compromised) AND THEN go to Windows Update for this attack to be effective. It has absolutely nothing to do with the Windows Update process whatsoever.
Again, you are already compromised before using Update…