Security Alert: FileZilla is Not Safe for Use

September 10, 2018

by UNH Information Security Services

FileZilla, a free cross-platform FTP/SFTP solution used to upload files to servers, has been deemed unsafe for use on UNH devices and the UNH network.

Issue

At the end of August, Microsoft System Center Endpoint Protection (SCEP)/Windows Defender, along with other mainstream anti-malware tools, began flagging FileZilla as infected with malware. This is the latest in a series of issues with the security of this open source tool. 

After a review of the tool’s history and an assessment of the risk its use presents to the University as a whole, Information Security Services (ISS), with the support of the UNH Information Security Committee, has determined this tool is not safe for use on University computers or the University network.

Recommendation

As there are many organizations and individuals within the UNH community that must be able to transfer files as part of daily operations, ISS identified and assessed the following solutions and determined they are safe to use:

 

Bookmark and Share

Archive