Last Friday on Symantec’s security blog Elia Florio described how malicious files/code like Trojans (detected as Downloader) was using an interesting technique to download files which involves a Windows component named “BITS†(Background Intelligent Transfer Service).
Currently there’s no fixes from MS yet, but hopefully they’ll take the matter seriously and provide a fix asap.
All details concerning this new Windows Update security issue are described here.