1 Reply Latest reply on Jul 13, 2018 2:32 PM by brian.taylor.support

    FileZilla and bundled malware

    Jose@IU Rookie

      Greetings,

       

      Outside of "Ivanti Patch for SCCM", I manually downloaded the lastest version available for FileZilla, using the same Download URL shown in the "Binary Information" for the patch in the Ivanti catalog:

       

      https://dl1.cdn.filezilla-project.org/client/FileZilla_3.34.0_win64-setup.exe

       

      I then scanned the downloaded .exe with Windows 10's Defender: clean, no threats found.

       

      I also scanned it with www.virustotal.com: only 2 (not as popular) antimalware detectors flagged it, but I am suspecting they are "false positives".

       

      I did all of this to confirm the .exe Ivanti downloads and distributes via Ivanti Patch for SCCM ,is not the one bundled with malware[1]. Which I suspected from the beginning, since the .exe did not have the word "bundled" in it.

       

      However, I would like someone from Ivanti to confirm it, so I can pass along the vendor-provided confirmation to my security colleagues.

       

       

      Sincerely,

      Jose

       

      Further reading:

      [1]: FileZilla's Use Of Bundled Offers Sparks Outrage From Users

        • 1. Re: FileZilla and bundled malware
          brian.taylor.support SupportEmployee

          Hi Jose,

           

          That's correct - the one downloaded through our Patch for SCCM plugin (as well as through Patch for Windows Servers) is not the bundled version.  The bundled installer is 8,692 KB while the "clean" installer is only 7,737 KB, so they are definitely not the same file.

           

          Thanks,

          Brian

          1 of 1 people found this helpful