PuTTY 0.81 is released

Simon Tatham anakin at pobox.com
Mon Apr 15 20:18:34 BST 2024

PuTTY version 0.81 is released

All the pre-built binaries, and the source code, are now available
from the PuTTY website at


This is a SECURITY UPDATE. We recommend that _everybody_ upgrade, as
soon as possible.

Additionally, if you have any 521-bit ECDSA private keys that you've
used with PuTTY, you should consider them to be compromised: generate
new keys, and remove the old public keys from any authorized_keys

The only change between 0.80 and 0.81 is one security fix:

 - ECDSA signatures using 521-bit keys (the NIST P521 curve, otherwise
   known as ecdsa-sha2-nistp521) were generated with biased random
   numbers. This permits an attacker in possession of a few dozen
   signatures to RECOVER THE PRIVATE KEY.

   Any 521-bit ECDSA private key that PuTTY or Pageant has used to
   sign anything should be considered compromised.

   This vulnerability has the identifier CVE-2024-31497.

Enjoy using PuTTY!

import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
and s%q!=0 and m)(12342649995480866419, 2278082317364501, 1670428356600652640,
5398151833726432125, 645223105888478, 1916678356240619, "<anakin at pobox.com>"))

More information about the PuTTY-announce mailing list