CheeseMan42 Posted September 30, 2015 Posted September 30, 2015 Google researcher James Forshaw has found a pair of vulnerabilities in the free disk encryption software TrueCrypt. Development of the software was abandoned last May, but it is still used by many to encrypt their drives. Forshaw hasn't disclosed the exact nature of the vulnerabilities yet as he "usually waits seven days after a patch is released to open his bug reports." The two exploits could give elevated privileges to an attacker, only requiring access to a limited user account. Development of the TrueCrypt code base has been continued through the Open Source VeraCrypt which was patched on Saturday to address the two vulnerabilities. Users that still use TrueCrypt are encouraged to switch to VeraCrypt to ensure that they are getting updated and secure software. Source: PC World Back to original news post Share this post Link to post Share on other sites More sharing options...
Recommended Posts