今天逛LET才注意到他们一周前发布的的置顶帖子,建议使用PuTTY的用户升级到最新版本(0.71)。修复了一些bug和安全隐患。如果你也在使用PuTTY,请去官网下载最新版本的软件。如果是下载的单独的putty.exe,可以直接使用,之前保存的那些配置还有。
官方下载地址:https://www.chiark.greenend.org.uk/~sgtatham/putty/
附原贴英文原文:
Security fixes found by an EU-funded bug bounty programme:
a remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification
potential recycling of random numbers used in cryptography
on Windows, hijacking by a malicious help file in the same directory as the executable
on Unix, remotely triggerable buffer overflow in any kind of server-to-client forwarding
multiple denial-of-service attacks that can be triggered by writing to the terminal
Other security enhancements: major rewrite of the crypto code to remove cache and timing side channels.
鄙视无脑复制采集小尾巴:更多搬瓦工套餐、资讯、最新优惠码、最新教程等,请访问https://www.bwhcn.com/