Malware piggybacks on Windows updates
Who says there's no such thing as a free ride?
Just ask the 100,000 or so folks who've been infected with malware that has piggybacked on Windows updates, according to a report by security research firm Symantec.
According to the report, a recent Trojan began circulating in March via spammed German email. It used what the report calls an "interesting" technique to download malicious files: it relied on a Windows component, the Background Intelligent Transfer Service (BITS), to do its dirty deeds.
The trouble, however, is that Windows updates rely on BITS as their main service for downloading patches and keeping the operating system humming along. And because BITS is part of the Windows OS, it's trusted and can bypass the local firewall as it downloads files.
Get the picture?
Javier Santoyo, manager at Symantec's Security Response Center, had this analogy: imagine someone opening a door with a legitimate access badge and an attacker tailgating them to enter the building.
Microsoft weighed in with its comments.
The software giant stated that users would already have had to be duped, via social engineering, into allowing TrojanDownloader:Win32/Jowspry to infect their system. Once a system is infected, the Trojan uses BITS to download additional malware.
And so it goes, unless an infected user scans their system and removes all variants of the Trojan, Microsoft notes.
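A defender-side check for the BITS abuse described above, as an added example that is not from the article, Symantec or Microsoft: it reports BITS transfer jobs whose download source falls outside an allowlist of expected hosts. The allowlist entries, the function names and the sample job objects are assumptions constructed for illustration; `Get-BitsTransfer -AllUsers` is the cmdlet that supplies live jobs.

```powershell
# Assumed allowlist of expected download hosts; adjust to the update sources you actually use.
$ExpectedHostSuffixes = @('windowsupdate.com', 'update.microsoft.com', 'download.microsoft.com')

function Test-ExpectedHost {
    param([string]$HostName, [string[]]$Suffixes)
    foreach ($s in $Suffixes) {
        # Accept the suffix itself or a true subdomain, never a look-alike such as "xwindowsupdate.com".
        if ($HostName -eq $s -or
            $HostName.EndsWith(".$s", [StringComparison]::OrdinalIgnoreCase)) { return $true }
    }
    return $false
}

function Find-UnexpectedBitsJob {
    param(
        [Parameter(Mandatory)] [object[]]$Job,
        [string[]]$Suffixes = $ExpectedHostSuffixes
    )
    foreach ($j in $Job) {
        foreach ($f in $j.FileList) {
            # An unparsable source is treated as unexpected rather than silently skipped.
            $uri = $null
            $parsed = [Uri]::TryCreate($f.RemoteName, [UriKind]::Absolute, [ref]$uri)
            $hostName = if ($parsed) { $uri.Host } else { '' }
            if (-not (Test-ExpectedHost -HostName $hostName -Suffixes $Suffixes)) {
                [pscustomobject]@{
                    JobId       = $j.JobId
                    DisplayName = $j.DisplayName
                    Owner       = $j.OwnerAccount
                    RemoteName  = $f.RemoteName
                    LocalName   = $f.LocalName
                }
            }
        }
    }
}

# Constructed sample jobs, shaped like the objects Get-BitsTransfer returns.
$sample = @(
    [pscustomobject]@{ JobId = 'sample-1'; DisplayName = 'Update download'; OwnerAccount = 'NT AUTHORITY\SYSTEM'
        FileList = @([pscustomobject]@{ RemoteName = 'http://download.windowsupdate.com/sample/patch.cab'
                                        LocalName  = 'C:\Windows\SoftwareDistribution\Download\patch.cab' }) },
    [pscustomobject]@{ JobId = 'sample-2'; DisplayName = 'job'; OwnerAccount = 'WORKSTATION\user'
        FileList = @([pscustomobject]@{ RemoteName = 'http://files.example.net/update.exe'
                                        LocalName  = 'C:\Users\Public\update.exe' }) }
)
Find-UnexpectedBitsJob -Job $sample | Format-Table -AutoSize   # reports only sample-2

# On a live host, from an elevated prompt:
#   Find-UnexpectedBitsJob -Job (Get-BitsTransfer -AllUsers)
```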
Dawn Kawamoto covers enterprise security and financial news relating to technology for CNET News.





"If people were required to be licensed before owning a
computer, things like this wouldn't happen."
True.
I had this thought:
If Micro$loth could build a decent OS that wasn't able to be
hacked by almost any 12 year old in minutes, this wouldn't
happen either.
True.
Come on already, hackers are now using Winblows Update to
download malware around all installed firewalls and all other
security measures. What part of that isn't funny?
problems with the idea:
1. Who sets the conditions for the license? (If an MS-centric IT
specialist did it, it might not even be possible to comply with the
terms on non-Microsoft systems, for instance because of anti-
virus software requirements.)
2. How is this going to be enforced?
3. As legislators in the U.S. and elsewhere are so fond of
forgetting, the Internet is an international network, not a
national one. Sure, you could probably make this law in the U.S.,
and maybe in some parts of Europe too, but you need it to be
law *everywhere* in order for it to be worthwhile.
Of course, if we made the Internet into its own separate state,
able to raise tax revenue from online sales, and gave it its own
law, its own courts and its own police force, then yes, we could
probably do this. But in that case we might not even need to,
because it would be much easier to arrest and prosecute people
for distributing malware in the first place. (The problem with
that idea is that it's perhaps even less likely to happen than a
global licensing scheme :-))
- There awtta be a law
- by thenet411 May 14, 2007 3:33 PM PDT
- If people were required to be licensed before owning a computer, things like this wouldn't happen. Look into it.