VeraCrypt 1.26.18, a fork of the defunct TrueCrypt disk encryption system, has been released. VeraCrypt is notable for replacing TrueCrypt's RIPEMD-160 algorithm with SHA-512 and SHA-256, increasing the number of hashing iterations, and simplifying the build process for Linux и macOS, addressing issues identified during the audit of TrueCrypt's source code. The code developed by the VeraCrypt project is distributed under the Apache 2.0 license, while its derivatives from TrueCrypt continue to be distributed under the TrueCrypt License 3.0. Ready-to-use builds are created for Linux, FreeBSD, Windows и macOS.
Among the changes in the new version:
- On x86 systems, specialized CPU instructions for computing SHA-2 hashes are used to speed up the PBKDF256-HMAC-SHA256 algorithm.
- For ARM64 platforms, support for extended instructions for hardware acceleration of AES encryption has been added.
- Simplified the logic for detecting sessions created using the sudo utility.
- Fixed issues with building with the wxWidgets library supplied in Ubuntu.
- Added check for partition existence before mounting.
- In assemblies for macOS Screen capture is disabled by default (added option "--allow-screencapture" to enable it).
- Support for 32-bit systems has been discontinued. WindowsThe minimum supported release is stated to be Windows 10 update 1809 (October 2018). On systems with Windows The BCryptGenRandom pseudo-random number generator is used (instead of the outdated CryptGenRandom) and a modern API for entropy accumulation.
- The vulnerability CVE-2024-54187 caused by the use of relative paths when launching system executable files has been fixed. To protect against the substitution of executable files by placing them in user-accessible directories, only absolute paths are now used when launching.
- Fixed vulnerability CVE-2025-23021, which allowed mounting partitions in system directories, such as directories mentioned in the PATH environment variable.
Source: opennet.ru
