Hackers use Windows Update to download malicious code
‘Microsoft’s Windows Update has a component called Background Intelligent Transfer Service (BITS) that downloads updates while you’re busy doing other things with your computer. If you get disconnected, the update will pick up where it left off when you get back on the network.
Sounds great, right? Well, generally it is. But since BITS is part of your operating system, your firewall doesn’t really check to see what it’s downloading. And while there is pretty much no risk of automatically downloading a virus or trojan through Windows Update under normal circumstances, hackers are starting to use BITS to download code to computers that have already been affected.’
