Mozilla has completely removed support for the File Transfer Protocol from the latest release of its flagship Firefox web browser. FTP has been abused in various malware distribution campaigns, some of which involved the compromise of FTP servers to leverage the protocol for payload delivery.
Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials. With Microsoft Edge 88.0.705.50 now rolling out, users get a built-in strong password generator that allows them to easily set up new passwords when signing up for new accounts or when changing the old passwords.
Google has released Chrome 88 today, January 19th, 2021, to the Stable desktop channel, and it includes security improvements and the long-awaited removal of Adobe Flash Player. Chrome 88 is now promoted to the Stable channel, Chrome 89 is the new Beta version, and Chrome 90 will be the Canary version.
In a message to The Register, Kumar said that on November 19, 2019, he told SolarWinds "Their update server was accessible with the password 'solarwinds123' which is leaking in the public Github repo. They fixed the issue and replied to me on." Using the exposed account name and password, he was able to upload a file to prove the system was insecure, he said he wrote in his report to SolarWinds, adding that a hacker could use the credentials to upload a malicious executable and add it to a SolarWinds update.
Google has decided to keep support for the File Transfer Protocol in Chrome a bit longer, after initially saying it would completely remove it in Chrome 82. Due to the lack of support for secure connections or proxies, the implementation of FTP in Chrome creates security risks for users.
Firefox has decided it's time to burn the browser's FTP connections. Platform list, developer Michal Novotny announced "We plan to remove FTP protocol implementation from our code."
Chrome 80 emerged from Google this week with a few more nails to hammer into the coffin of the venerable File Transfer Protocol. It has been a death by a thousand cuts for FTP in Chrome.
A German security researcher has publicly disclosed details of a severe vulnerability in one of the most popular FTP server applications, which potentially could affect over one million servers....