Overview
There are many users who have continued to user TrueCrypt 7.1a for a number of reasons; specifically:
- TrueCrypt is not actively being developed or supported, but there are no indications of security vulnerabilities with TrueCrypt, and
- There are no clear and obvious alternatives to TrueCrypt which are as good / better than TrueCrypt 7.1a.
However – Neither of these reasons are still valid. In September 2015, a researcher discovered two additional security flaws in TrueCrypt 7.1a, one of which is critical (CVE-2015-7358), potentially allowing elevated privileges on a TrueCrypt system.
In addition, VeraCrypt is a fork of the TrueCrypt 7.1a codebase, is stable, and has already patched these two vulnerabilities (in addition to several others previously identified).
Bottom Line – It is time for any Truecrypt users to remove and replace with VeraCrypt.