Asstroturfer Tom Shelton wrote on behalf of Micoshaft Corporation:
> On May 11, 8:50 pm, Roy Schestowitz <newsgro...@xxxxxxxxxxxxxxx>
> wrote:
>> Hackers hijack Windows Update's downloader
>>
>> ,----[ Quote ]
>> | Hackers are using Windows Updates' file transfer component to sneak
>> | malicious code downloads past firewalls, Symantec researchers said
>> | Thursday.
>> |
>> | The Background Intelligent Transfer Service (BITS) is used by
>> | Microsoft's operating systems to deliver patches via Windows
>> | Update. BITS, which debuted in Windows XP and is baked into
>> | Windows Server 2003 and Windows Vista, is an asynchronous file
>> | transfer service with automatic throttling -- so downloads
>> | don't impact other network chores. It automatically resumes
>> | if the connection is broken.
>> `----
>>
>> http://news.yahoo.com/s/infoworld/20070510/tc_infoworld/88424;_ylt=Am.
>
> Very disingenuous... There is no hole in windows update, or in BITS.
> It's just saying that some malware is begining to take advantage of
> built in services to do their dirty work. The malware has to already
> compromised the system before it can take advantage of BITS. BITS is
> a nice component - I've used it in my own code to implement auto-
> update functionality.
You, an unemployable windopz security expert I assume, know this is
not a hole?
The BITS systems in its entirety is the hole
as it bypasses network filtering and thus when hijacked
becomes the biggest hole in your PC that your security system can't touch
while stopping anything else that tries to use networking in the
usual way.
So you explain Micoshaft Corporation security 'expert', who should
buy your code now?
> Tom Shelton
|
|
