Windows TrueCrypt Fatally Flawed

Continued research after the first TrueCrypt audit yielded inconclusive results has discovered fatal privilege escalation vulnerabilities allowing for complete takeover (archived). So far this is known to affect TrueCrypt on Windows boxes, but there is still potential for other flaws to be discovered in TrueCrypt on other platforms. Details of the vulnerabilities are not yet disclosed, but this supports the possibility that it may not be possible at all to develop software offering any level of security on the Windows platform.

5 thoughts on “Windows TrueCrypt Fatally Flawed

  1. Further: The VeraCrypt derivative forked from TrueCrypt though this particular issue was reportedly patched, likely continues to posses undiscovered security issues.

  2. Flawed, yes.

    Fatally? So, I mean, if a local privilege escalation is fatal, what is a remote code execution vuln? Genocidal?

    Methinks ye egaggerates a byte.


  3. The Windows OS itself is fatally flawed. Trying to run secure software on it would be like moving Fort Knox to Zimbabwe.

    The security of Fort Knox is worthless when the government of Zimbabwe orders you to let them in to steal everything.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>