Yesterday an update to the open source Putty SSH client (Secure Shell, defined) for Windows was released (bringing it to version 0.67) resolving a high priority security issue and to “defend against malicious other processes reading sensitive data out of its memory” by setting it’s process ACL (defined) more restrictively.
This update also fixes other software bugs and it’s executable files and installer are now digitally signed (defined) using Authenticode. Full details of the changes in version 0.67 are available in the changelog.
The updated version is available for download from this page. Please ensure to only download Putty from the previously provided link since tampered versions have previously been made available in an effort to spread malware.
If you use Putty, please update as soon as possible to benefit from the security fixes version 0.67 includes as well as the general software bugs that were also addressed.