BITS and Pieces: The Untold Story of CVE-2020–0787
<p>In the world of cybersecurity, uncovering hidden vulnerabilities is similar to exploring unexplored territories. These vulnerabilities, often hiding in plain sight, can have a profound impact on system security. One such discovery, CVE-2020–0787, sheds light on a critical privilege escalation vulnerability within Windows Background Intelligent Transfer Service (BITS).</p>
<p>In this blog post, we will embark on a journey, revealing the inner workings of BITS and diving deep into the heart of this vulnerability. Let’s start by understanding what BITS is and its role in Windows.</p>
<h1>What is BITS?</h1>
<p>Background Intelligent Transfer Service (BITS) is a fundamental component of Windows, serving as a bridge between programmers, system administrators, and HTTP web servers or SMB file shares. BITS has a crucial function: to download or upload files while ensuring that the user’s foreground activities remain uninterrupted. It’s the silent worker that optimizes network usage, handles interruptions gracefully, and even resumes transfers after a system reboot.</p>
<p>But within this seemingly normal service, there’s a hidden weakness waiting to be exploited.</p>
<h1>Weakness in BITS</h1>
<p><a href="https://medium.com/@jug091000/bits-and-pieces-the-untold-story-of-cve-2020-0787-cb808ac07fa8"><strong>Read More</strong></a></p>