Changes since MinGit for Windows 2.47.3 (July 8th 2025)
This is a security fix release, addressing CVE-2025-66413.
- CVE-2025-66413, Git for Windows: When a user clones a repository from an attacker-controlled server, Git may attempt NTLM authentication and disclose the user's NTLMv2 hash to the remote server. Since NTLM hashing is weak, the captured hash can potentially be brute-forced to recover the user's credentials. This is addressed by disabling NTLM authentication by default.
| Filename | SHA-256 |
|---|---|
| MinGit-2.47.3.2-64-bit.zip | 9d193d2233e5580bbeb653d0cd91e320ad1704da8d2038951b9acf3b5f5a1b56 |
| MinGit-2.47.3.2-arm64.zip | 12d12bc1b1eaa4757950dc9d4034d6f12c1888ab96527b880863fb12c95d717f |
| MinGit-2.47.3.2-32-bit.zip | e50781a5a3746dde2bd3b828bc54a0637b5542347917308eb9ade2a0f4233921 |
| MinGit-2.47.3.2-busybox-64-bit.zip | 208499eda0be43a9baef5d6195cccee092501d8fffefa6b652524983d117b19a |
| MinGit-2.47.3.2-busybox-32-bit.zip | 585a365e1b597756fb8eab71f5118063f40e5e006c7635104efc1ef9d4484c02 |