Critical PuTTY Update

Cryptographic exploit in older versions of PuTTY.

What's happening:

Versions 0.68 through 0.80 of PuTTY, a popular SSH application, contain a cryptographic vulnerability in key generation that could result in attackers gaining access to to a user's private key.

For additional information about the vulnerability, please visit https://nvd.nist.gov/vuln/detail/CVE-2024-31497.

What do I need to do?

We recommend that anyone in the SCS community actively using PuTTY upgrade to the latest version (0.81), which can be found at https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html.

Have questions?

If you have any questions, or need help updating PuTTY on an SCS supported machine, please contact the SCS Help Desk at 412-268-4231 or by sending mail to help@cs.cmu.edu.

Need Help?

Submit a Ticket
Call 412-268-4231
Visit GHC 4203

Was this page helpful?

Use this box to give us feedback on this webpage and its content. If you need a response, please include your Andrew ID.

Need technical support? Submit a ticket