Carnegie Mellon University School of Computer Science

Critical PuTTY Update

Cryptographic exploit in older versions of PuTTY.

What's happening:

Versions 0.68 through 0.80 of PuTTY, a popular SSH application, contain a cryptographic vulnerability in key generation that could result in attackers gaining access to to a user's private key.

For additional information about the vulnerability, please visit

What do I need to do?

We recommend that anyone in the SCS community actively using PuTTY upgrade to the latest version (0.81), which can be found at

Have questions?

If you have any questions, or need help updating PuTTY on an SCS supported machine, please contact the SCS Help Desk at 412-268-4231 or by sending mail to