Network News

X My Profile
View More Activity

Data-Stealing Trojan Exploiting Just-Patched Windows Flaw

Microsoft Windows users who have not yet applied the security update that Redmond released yesterday should take a minute to do that now: Security experts are warning that at least one Trojan horse program with apparent spreading capabilities is in circulation, and that we are likely to see additional malware exploiting the flaw in the coming days.

The ThreatExpert Blog has the skinny on Gimmiv.A, a Trojan that appears to have worm-like ability to spread to other systems on a network. This is likely to be more of a threat for large, enterprise networks than for individual home users.

On an unpatched corporate network, all it would take is for an employee to plug an infected laptop into the network, and without firewalls enabled on each machine inside of the network or some type of host-based intrusion detection software running, that network could be in real trouble very quickly.

Oddly enough, ThreatExpert says that in addition to taking a swipe at the victim's stored passwords and trying to sucker punch any one of several anti-virus tools that could be installed on the victim's machine, Gimmiv downloads an image file of Homer Simpson. Woo-hoo!


Sunbelt Software says they're not able to verify ThreatExpert's claims that Gimmiv.a is anything more than a data-stealing Trojan, calling claims that the Trojan also functions as a network worm as "misinformation."

Regardless, this is a nasty vulnerability, period. If you haven't patched, do it now. If history is any teacher, Sunbelt's estimation of the threat is probably spot-on: "We would make an educated guess that a worm will hit soon (maybe in the next day or so)."

By Brian Krebs  |  October 24, 2008; 2:56 PM ET
Categories:  Fraud , Latest Warnings , New Patches , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Microsoft to Issue Emergency Security Update Today
Next: Java Update Promises to Remove Older Versions


Still using Windows, the high-priced product with high vulnerability? Do yourself a favor and switch to the no-cost, secure alternative- *Linux*. See .

Posted by: hairguy01 | October 25, 2008 11:06 AM | Report abuse

Why does WaPo censor comments about safe alternatives to Windoze, such as Linux?

Posted by: hairguy01 | October 25, 2008 11:17 AM | Report abuse

Why Liux as opposed to say a Mac? You don't have to be an IT expert to install the MacOS and the latter has good apps

Posted by: GWGOLDB | October 25, 2008 8:44 PM | Report abuse

GWGOLDB, you may be interested to learn that one doesn't have to be an IT expert to install and use such Linux distributions as Ubuntu, which boasts a plethora of useful applications....


Posted by: mhenriday | October 26, 2008 7:49 AM | Report abuse


This writer predicts that Linux use will increase inversely as the economy tanks. And Henri is right. Linux users need not be rocket scientists.


Posted by: featheredge9 | October 27, 2008 1:24 AM | Report abuse

Linux has come a long way to make itself more user friendly. I went from never having used a Linux machine before, to fully functioning with Ubuntu in one day, and I haven't looked back since. In addition, any problems that you might encounter all have solutions, most of which are already documented on, all you need to know is where to look.

Posted by: mcarmean09 | October 27, 2008 1:05 PM | Report abuse

Hi Brian,

I run Firefox 100% of the time. When I am prompted to go to IE for Microsoft security updates, I do as required and then close IE, reboot if prompted and then return to Firefox.

Are the updates carried out via IE automatically applied to Firefox as well?

Sorry if this is a repeat question.

Thanks in advance,

Posted by: living_consciously | October 31, 2008 2:26 PM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company