Trojan Alert - Warning to people using unpatched versions of Windows XP

[shaneturner12]

Trojan Alert - Warning to people using unpatched programs

If you are wondering why I am being specific, it is related to a serious security issue - I may not be a security researcher or similar, but it is serious enough to be mentioned here.

Some people may have heard of the Zeus trojan - it's mostly affecting UK users, but may affect systems anywhere in the world.

Systems that are not fully up to date (with updates for all installed software) are affected, although according to various sources, it is affecting Windows XP machines at the moment.

It is one of the most serious trojans around - most antivirus software cannot pick it up, and it is capable of stealing login and bank details.

Further details about the trojan: http://news.cnet.com/8301-27080_3-20013246-245.html

Shane

 

[aardvark1]

Hi Shane,

Thank you for bringing this up for the Trainz Community.

The major news networks in the USA have broadcast this warning and hopefully users will update their files accordingly.

You are correct in reporting the effect it has with on line banking, it grabs your bank info and presents you with a false bank statement on line after it has taken funds from you account, so you think all is good when viewing you account on line.

Hope everyone using on line banking here in the Trainz Community updates the necessary files.

Cheers and have fun,

 

[Gandalf0444]

Thanks for sharing!
Yet another reason why people need to stop being stubborn and just update the damn things when Microsoft says to!(Unless for course the computer is offline 100% of the time then there is no need.)

 

[RRSignal]

Actually, the exploit mainly takes advantage of security flaws in Adobe Flash, Reader/Acrobat, and Java. There are some IE vulnerabilities as well.

Obviously, if you want to be as safe as possible, don't use IE. That's been the case for the last decade. But Flash, Reader and Java, along with MS Office and Quicktime have become some of the primary attack vectors. Therefore, it's as imperative if not more so to keep those up-to-date.

 

[UP5521]

Man,thanks for the quick warning,I only wished that I could have saved my desktop before it was too late,but it was and now,I have to get it cleaned up because of internet worms and other dangerous threats!

 

[shaneturner12]

I couldn't agree more - so I have a further tip.

Download a copy of Secunia PSI (free for personal use) from http://secunia.com/vulnerability_scanning/personal/

Run a full system scan using the software to identify the files that are insecure, then follow the instructions to rectify it. If it picks up a flaw in part of the OS, a Windows/Microsoft update will be required to fix this.

For people who do not have much knowledge on computers, I would advise using the Basic mode, but this will hide some of the harder to fix security problems. Advanced mode is recommended to fix all the problems shown (Secunia gets the information directly from the software makers, so it is usually up to date on the insecure programs side.

Shane

 

[cascaderailroad]

Gad Zukes...Great Ceasars Ghost Alive...(like in the movie: "Tron") Tiny Roman soldiers hiding in a tiny trajan horse, all roamin' about inside my PC, wreaking havoc...GET OWWWWT !

Varmints ! Norton 360, Threatfire, and Free Malwarebytes...iz gonna git ya, rascally rascal's

 

[shaneturner12]

A further problem I have found relating to keeping programs up to date is a known problem with Adobe Reader, which unfortunately is unpatched (Basically, Adobe have not released a patch for it)

I would advise extreme caution if clicking on adverts, or use Firefox with the NoScript addon.

Just to let people know, Secunia PSI has an auto-update facility available for some programs including Adobe Reader and Adobe Flash player. (Be aware though, this feature is in testing, so it may do strange things after the update)

Shane

 

[cascaderailroad]

PC Tools-Threatfire is such a thorough antivirus, that it rarely lets anything through. So thorough that it conflicts with Trainz, so I uninstalled it. Ever since I installed Threatfire, I have had problems with Trainz trying to open, and failing to open.