#truecrypt may be a fond memory for most of its users, but that hasn’t stopped #researchers and hackers from poking about the open source encryption software.
Recently, researchers from #google’s #project zero team uncovered a pair of elevation of privilege #vulnerabilities in TrueCrypt, both of which were patched this weekend in #veracrypt, one of the remaining free disk encryption software packages for Windows available. VeraCrypt is one of two projects that forked the last available TrueCrypt build—#ciphershed being the other.
Researcher James Forshaw has not yet made public any details about the #flaws, but said on his Twitter feed that the vulnerabilities, though not added intentionally into the codebase, are the type that could have slipped past a code audit and review.
Leave a reply
