As part of our continuous effort to pursue best practices with IT credentials, Cerberus FTP Server now issues a security warning when running with LocalSystem service credentials.

Following the above change, once upgrading to version 12.6, customers will encounter a new system message warning when running Cerberus FTP Server with LocalSystem credentials:

Image of the LocalSystem warning, reading, "Running Cerberus FTP Server as LocalSystem is a security risk. Using a less privileged account is recommended. See this FAQ for more information on making this change"
This warning now appears when the Cerberus FTP Server service is running with LocalSystem credentials

If you see this warning, please read the FAQ article linked in the message and consider migrating away from LocalSystem. The risks associated with running a service as LocalSystem, is well-documented by Microsoft. Cerberus FTP Server will continue to function with LocalSystem service credentials for backward compatibility, but as a security-conscious organization, we must urge our customers to choose more secure deployments when possible.

This is the latest in ongoing efforts to improve the Cerberus FTP Server’s security posture. In version 12.3 we removed LocalSystem as the default service credential and enhanced the installer to streamline service setup with other local and domain accounts.

Finally, if you choose not to migrate from LocalSystem, we have added the ability to acknowledge System Messages, so you may silence the warning.

Feedback

As always, we look forward to hearing how our customers use Cerberus and any additional improvements that would help make Cerberus FTP Server as secure as can be. We would love to hear your feedback.