Expert: Virus Writers Can Exploit Microsoft Security Patch

Virus known to use Windows BITS to bypass firewalls


It has been claimed that virus writers may be able to use software company Microsoft's security patch updates to smuggle malicious files onto a computer.

Frank Boldewin, a security expert, claimed on his website that he has recently observed an e-mailed trojan which was exploiting a Windows program known as the Background Intelligent Transfer Service (BITS). He said BITS, which is used by Microsoft to download updates and security patches to Windows machines, can bypass local firewalls since it is part of the operating system.

Microsoft confirmed it is aware of public reports that BITS is being used by TrojanDownloader:Win32/Jowspry in order to bypass policy-based firewalls and install additional malware. However the company stated that machines would have to be infected with the trojan discovered by Boldewin first, in order for BITS to be exploited, and claimed it is not an attack vector for initial infection.

Microsoft recommended that users who believe their computer may be infected with the Jowspry trojan visit the Windows Live OneCare safety scanner, according to BBC News.

((Comments on this story may be sent to tww.feedback@m2.com))

<<Telecomworldwire -- 05/17/07>>