After you've done the delicate Windows Validation dance, but before you actually get the latest automatic update, there's a background component running in Windows called BITS (Background Intelligent Transfer Service), tasked with acquiring the key updates that keep your system protected. So you can imagine how security analysts are very interested by Elia Florio's (of Symantec) new paper, outlining security compromises bypassing firewalls via BITS -- but there's a catch. BITS itself isn't compromised, per se, it's just a content acquisition service for Windows. In other words, your machine already has to be compromised for BITS to bypass your firewall; this kind of hack just helps whichever Trojan / worm / virus you've become infected with acquire more software components to aid in its intrusion. So the next time your mom or dad sends you bits-hack-RUN-ME.exe, think twice.

[Thanks, Philip]

Sony's TZ ultraportable series gets official-er