Another Way to Subvert Windows

Symantec have released details of another possible way to subvert Windows, more specifically through the Background Intelligent Transfer Service (BITS).

BITS is used by Windows Update to automatically download updates in the background and by Microsoft Messenger to transfer files. The fault lies in the fact that BITS bypasses any installed firewalls, and does not require any suspicious actions to start the download. By using BITS, an attacker could automatically download whatever they wanted to your computer, including password/ credit card logging software, remote access control software, the possibilities are endless.

While there are no major infections using this method, it is just a matter of time before one does come along. Hopefully, Microsoft will have addressed the issue before that happens.