# Gavin Andresen # 2012-03-17 00:17:15 # https://bitcointalk.org/index.php?topic=69120.msg805883#msg805883 @p{@p{--}-}@p{--}BEGIN PGP SIGNED MESSAGE@p{@p{--}-}@p{--} @p{brk} Hash: SHA1 @p{par} A potential security vulnerability has been discovered in the Windows @p{brk} version of Bitcoin-Qt. If you are running Bitcoin-Qt versions 0.5 @p{brk} through 0.6 on Windows you should shut it down and upgrade to either @p{brk} version 0.5.3.1 or 0.6rc4 NOW. @p{par} The command-line bitcoin daemon (bitcoind), Mac and Linux versions of @p{brk} Bitcoin-Qt, and versions prior to 0.5 are not affected. @p{par} Due to the nature of the vulnerability, we believe it would be very @p{brk} difficult for an attacker to do anything more than crash the @p{brk} Bitcoin-Qt process. However, because there is a possibility of such a @p{brk} crash causing remote code execution we consider this a critical issue. @p{par} Binaries are available at SourceForge: @p{brk} @s{(link)} @p{brk} @s{(link)} @p{par} If you have questions, feel free to drop by the #bitcoin-dev channel @p{brk} on FreeNode IRC. @p{par} - @p{--} @p{brk} Gavin Andresen @p{brk} Gregory Maxwell @p{brk} Matt Corallo @p{brk} Nils Schneider @p{brk} Wladimir J. van der Laan @p{brk} @p{@p{--}-}@p{--}BEGIN PGP SIGNATURE@p{@p{--}-}@p{--} @p{brk} Version: GnuPG v1.4.9 (Darwin) @p{brk} Comment: Using GnuPG with Mozilla - @s{(link)} @p{par} iEYEARECAAYFAk9j12IACgkQdYgkL74406iIyQCfbxFTO3yD4Q2bHDjPlDuJn3Mj @p{brk} 9GAAn3mV+ggo+5q1Ujd0A5zwpFYojkE2 @p{brk} =g1Ad @p{brk} @p{@p{--}-}@p{--}END PGP SIGNATURE@p{@p{--}-}@p{--} @p{brk}