BITS (Background Intelligent Transfer Service) est un composant de Windows XP, 2003 Server et Vista qui est charge du téléchargement des mises à jour du sytsème d'exploitation avec bien sûr des caractéristiques intéressantes : droits qui lui permettent de passer sans problème les contrôles du firewall de Windows XP, reprise automatique en cas d'interruption, etc.
Hackers hijack Windows Update's downloader
Stealing Windows' BITS gets bad code past any firewall (Gregg Keizer)
May 10, 2007 (Computerworld) -- Hackers are using the file transfer component used by Windows Update to sneak malware past firewalls, Symantec researchers said today.
The Background Intelligent Transfer Service (BITS) is used by Microsoft Corp.'s operating systems to deliver patches via Windows Update. BITS, which debuted in Windows XP and is baked into Windows Server 2003 and Windows Vista, is an asynchronous file transfer service with automatic throttling -- so downloads don't impact other network chores. It automatically resumes if the connection is broken.
"It's a very nice component, and if you consider that it supports HTTP and can be programmed via COM API, it's the perfect tool to make Windows download anything you want," said Elia Florio, a researcher with Symantec's security response team, on the group's blog. "Unfortunately, this can also include malicious files."
source : http://www.computerworld.com/action/art ... ws_ts_head )