VeraCrypt audit reveals attacker treasure trove of critical flaws | ZDNet


VeraCrypt audit reveals attacker treasure trove of critical flaws An audit of VeraCrypt has uncovered critical vulnerabilities which could be exploited by attackers to compromise user data. VeraCrypt is open-source security software. The successor to TrueCrypt, the encryption software is used worldwide to encrypt single files, folders or full disks and builds on the original project with security enhancements and new, modern features. However, no software is completely safe from attack, and according to the software's recent audit, conducted by cybersecurity firm QuarksLab and sponsored through the Open Source Technology Improvement Fund (OSTIF), VeraCrypt 1.8 and its bootloaders contained a total of eight critical vulnerabilities, three medium flaws and 15 additional bugs of low importance. The majority of these problems have been fixed in VeraCrypt 1.19 and users are asked to update as soon as possible. See http://ift.tt/2ekmjwM

Comments