@bradfitz requested issue #30642 to be considered for backport to the next 1.11 minor release.

@gopherbot, please backport to Go 1.11 [because it is a Windows security issue].

(I'm opening this issue for @gopherbot because it hasn't learned to listen to followup requests. That's being tracked in issue #25574.)