Data-Stealing Trojan Exploiting Just-Patched Windows Flaw
Microsoft Windows users who have not yet applied the security update that Redmond released yesterday should take a minute to do that now: Security experts are warning that at least one Trojan horse program with apparent spreading capabilities is in circulation, and that we are likely to see additional malware exploiting the flaw in the coming days.
The ThreatExpert Blog has the skinny on Gimmiv.A, a Trojan that appears to have worm-like ability to spread to other systems on a network. This is likely to be more of a threat for large, enterprise networks than for individual home users.
On an unpatched corporate network, all it would take is for an employee to plug an infected laptop into the network, and without firewalls enabled on each machine inside of the network or some type of host-based intrusion detection software running, that network could be in real trouble very quickly.
Oddly enough, ThreatExpert says that in addition to taking a swipe at the victim's stored passwords and trying to sucker punch any one of several anti-virus tools that could be installed on the victim's machine, Gimmiv downloads an image file of Homer Simpson. Woo-hoo!
Sunbelt Software says they're not able to verify ThreatExpert's claims that Gimmiv.a is anything more than a data-stealing Trojan, calling claims that the Trojan also functions as a network worm as "misinformation."
Regardless, this is a nasty vulnerability, period. If you haven't patched, do it now. If history is any teacher, Sunbelt's estimation of the threat is probably spot-on: "We would make an educated guess that a worm will hit soon (maybe in the next day or so)."
October 24, 2008; 2:56 PM ET
Categories: Fraud , Latest Warnings , New Patches , Safety Tips
Save & Share: Previous: Microsoft to Issue Emergency Security Update Today
Next: Java Update Promises to Remove Older Versions
Posted by: hairguy01 | October 25, 2008 11:06 AM | Report abuse
Posted by: hairguy01 | October 25, 2008 11:17 AM | Report abuse
Posted by: GWGOLDB | October 25, 2008 8:44 PM | Report abuse
Posted by: mhenriday | October 26, 2008 7:49 AM | Report abuse
Posted by: featheredge9 | October 27, 2008 1:24 AM | Report abuse
Posted by: mcarmean09 | October 27, 2008 1:05 PM | Report abuse
Posted by: living_consciously | October 31, 2008 2:26 PM | Report abuse
The comments to this entry are closed.