PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

The popular SSH client program PuTTY has released an important software update to address eight high-severity security vulnerabilities.

PuTTY is one of the most popular open-source software that allows users to access computers over SSH, Telnet, and Rlogin network protocols.

The popular SSH client program PuTTY has released an important software update (version 0.71) for Windows and Unix operating systems, to address eight high-severity security vulnerabilities.

The latest version released by Putty has dated back 20 months ago, anyway, all previous versions of the PuTTY client are vulnerable to multiple security flaws.

“This release has known security vulnerabilities. Consider using a later release instead, such as the latest version, 0.71.” reads the security advisory.

The vulnerabilities could be exploited by attackers to set up a malicious server or compromise a server to hijack the client’s system.



“The known vulnerabilities in this release are:

vuln-auth-prompt-spoofing (fixed in release 0.71)

vuln-chm-hijack (fixed in release 0.71)

vuln-fd-set-overflow (fixed in release 0.71)

vuln-rng-reuse (fixed in release 0.71)

vuln-rsa-kex-integer-overflow (fixed in release 0.71)

vuln-terminal-dos-combining-chars (fixed in release 0.71)

vuln-terminal-dos-combining-chars-double-width-gtk (fixed in release 0.71)

vuln-terminal-dos-one-column-cjk (fixed in release 0.71)”

PuTTY users are recommended to download and use the latest version of it.

Pierluigi Paganini