Trojan targets Windows Update

And so it blows

By Nick Farrell

Thu May 17 2007, 09:42

A TROJAN HAS been seen in the wild which is designed to use Windows Update to install itself.

Security expert Frank Boldewin said on his website reconstructer.org that the method hijacks Windows security patches enabling hackers to continually update the malware on an infected computer.

Already one program is in circulation which effectively bypasses users' firewall, allowing files to download undetected. Microsoft says it is aware of the problem and is working on a fix.

Boldewin said he had recently noticed the e-mailed trojan which was exploiting a Windows program known as the Background Intelligent Transfer Service (BITS).

Because BITS is part of the operating system, it is able to bypass local firewalls while it downloads. The trojan piggybacked on BITS to download malicious files.

More here. µ

Cnet is accused of bundling malware with downloads The down low on low down Cnet downloads Tuesday, 6 December 2011, 12:12 PM Read more	Microsoft acknowledges Duqu virus vulnerability Has no fix yet but has a workaround Friday, 4 November 2011, 09:17 AM Read more
Researchers plan to demo Android root exploits Antivirus vendors rush to get on top of the mobile malware problem Wednesday, 21 September 2011, 15:51 PM Read more	Malicious ads make their way onto Bing and Yahoo Point users to rogue web sites Friday, 16 September 2011, 15:56 PM Read more
Three out of four rootkit infections are on Windows XP Report is not good news for the Microsoft OS Thursday, 28 July 2011, 15:43 PM Read more	Mac fake anti-virus malware is evolving fast, doesn't need a password What works for Windows, works for Mac Thursday, 26 May 2011, 12:15 PM Read more

< Previous article| Next article >

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ White papers

Java Developer (Junior) -

Junior/Graduate Java Develo...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Trojan targets Windows Update

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review

Databases

Network management

Security

Service oriented architecture

Storage

Java Developer (Junior) -

Junior/Graduate Java Develo...

Read more