

PuTTY 0.62 Released - Prevents passwords from being retained in memory. - Refringe
http://www.chiark.greenend.org.uk/~sgtatham/putty/?release=0.62

======
rufibarbatus
The security issue itself is described in [1]. Also worth note (at least for
me, not used to reading PuTTY's release notes and issue pages) is their
class/difficulty/priority breakdown of the issue. I had never seen that
pattern before.

The original link also points incidentally to a nice, recently updated survey
of cryptography laws around the world. [2]

[1]
[http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/p...](http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-
not-wiped.html)

[2] <http://rechten.uvt.nl/koops/cryptolaw/>

~~~
cstuder
What are tuits and why are they fun?

~~~
biot
Tuits come in all shapes and sizes, but round ones are particular prized. It's
amazing the amount of work you can accomplish once you get a round tuit.

~~~
cstuder
I see now. (I had been afraid that my Google-Fu had left me, but apparently
only my english skills were lacking.)

~~~
ryanbraganza
For anyone else who thinks their english skills lacking, make sure you read
the gp's post aloud

------
skeletonjelly
This seems like a huge bug fix. What is the likely hood that the memory will
be read by malware in previous versions? As in, does the malware process need
administrative privileges to read the other processes memory?

------
ak217
I prefer using mintty with cygwin. This hole is absent from there since you'd
be using openssh to manage logins.

~~~
kaerast
This also gives rsync, scp and all the other benefits of commandline ssh.
Mintty was enough for me to be able to put off installing Debian for another
month.

------
RexRollman
I love Putty! It is one of my favorite Windows programs.

