Researcher Reveals 2-Step Vista UAC Hack
,----[ Quote ]
| A Web application developer has uncovered a two-step process
| (PDF) for exploiting Windows Vista's User Account Control,
| essentially by having a Trojan piggyback on what could be al
| egitimate download.
`----
http://www.eweek.com/article2/0,1895,2131595,00.asp
Last week:
Hackers hijack Windows Update's downloader
,----[ Quote ]
| Hackers are using Windows Updates' file transfer component to sneak
| malicious code downloads past firewalls, Symantec researchers said
| Thursday.
|
| The Background Intelligent Transfer Service (BITS) is used by
| Microsoft's operating systems to deliver patches via Windows
| Update. BITS, which debuted in Windows XP and is baked into
| Windows Server 2003 and Windows Vista, is an asynchronous file
| transfer service with automatic throttling -- so downloads
| don't impact other network chores. It automatically resumes
| if the connection is broken.
`----
http://news.yahoo.com/s/infoworld/20070510/tc_infoworld/88424;_ylt=AmG6tVfakzdyOhladyyKQMYjtBAF
|
|
