Newly found TrueCrypt flaw allows full system compromise

Newly found TrueCrypt flaw allows full system compromise

http://ift.tt/eA8V8J

Windows users who rely on TrueCrypt to encrypt their hard drives have a security problem: A researcher has discovered two serious flaws in the program.

TrueCrypt may have been abandoned by its original developers, but it remains one of the few encryption options for Windows. That keeps researchers interested in finding holes in the program and its spin-offs.

James Forshaw, a member of Google’s Project Zero team that regularly finds vulnerabilities in widely used software, has recently discovered two vulnerabilities in the driver that TrueCrypt installs on Windows systems.

The flaws, which were apparently missed in an earlier independent audit of the TrueCrypt source code, could allow attackers to obtain elevated privileges on a system if they have access to a limited user account.

To read this article in full or to leave a comment, please click here

Tags: Recently Read, Saved for Later

Reblog von Computerworld Security http://ift.tt/1KIrgtY via IFTTT

Veröffentlicht am: September 29, 2015 at 04:28PM

Advertisements

Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

WordPress.com-Logo

Du kommentierst mit Deinem WordPress.com-Konto. Abmelden / Ändern )

Twitter-Bild

Du kommentierst mit Deinem Twitter-Konto. Abmelden / Ändern )

Facebook-Foto

Du kommentierst mit Deinem Facebook-Konto. Abmelden / Ändern )

Google+ Foto

Du kommentierst mit Deinem Google+-Konto. Abmelden / Ändern )

Verbinde mit %s