Home / News / Windows Updates open to malware
A trojan programme has been detected which uses Windows security patches to go under a computer’s radar.

Windows Updates open to malware

Microsoft has said it is aware of at least one program in circulation that can hijack a key component of Windows Update in order to bypass a firewall and introduce malicious software onto a computer undetected.

The malware infects the Background Intelligent Transfer Service (BITS) within Windows Update. "Using BITS to download malicious files is a clever trick because it bypasses local firewalls, as the download is performed by Windows itself, and does not require suspicious actions for process injection," said Elia Florio, a researcher at security firm Symantec, reported the BBC.

Microsoft insists that for the Firewall to be bypassed, systems must already have been affected by the trojan: "The bypass relies on [Jowspry] already being present on the system; it is not an attack vector for initial infection,” said a spokesperson from the software giant. “The bypass most commonly occurs after a successful social engineering attempt lures the user into inadvertently running [Jowspry], which then utilizes BITS to download additional malware."

Microsoft recommends that anybody who thinks they may have been infected with the Jowspry trojan should visit Windows Live OneCare safety scanner.

Check Also

Health tech Special: How to get involved in PCR’s November issue

The next issue of PCR, which hits desks at the beginning of November, will include …