PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws (Mar 20, 2019)
The developers of the open source SSH and telnet client "PuTTY," have released a new version (0.71) to address eight "high-severity" vulnerabilities. The eight vulnerabilities are listed as so: authentication prompt spoofing, code execution via CHM hijacking, buffer overflow in Unix PuTTY Tools, reusing cryptographic random numbers, integer overflow flaw, and the final three vulnerabilities are terminal denial-of-service attacks. The multiple vulnerabilities could grant threat actors numerous ways to conduct malicious activity.
Recommendation: PuTTY users and administrators should update their software to version 0.71 as soon as possible because of the high-severity rating of these vulnerabilities. Additionally, your company should have policies in place to review and apply security updates for software in use to protect against known vulnerabilities that threat actors may exploit.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.