News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Citrix announces security patches for some (but not all) of its compromised products

    Posted on January 20th, 2020 at 17:01 woody Comment on the AskWoody Lounge

    Citrix says it’s fixed some things, and will fix the rest soon. Per the web announcement:

    Permanent fixes for ADC versions 11.1 and 12.0 are available as downloads here and here.

    • These fixes also apply to Citrix ADC and Citrix Gateway Virtual Appliances (VPX) hosted on any of ESX, Hyper-V, KVM, XenServer, Azure, AWS, GCP or on a Citrix ADC Service Delivery Appliance (SDX). SVM on SDX does not need to be updated.
    • It is necessary to upgrade all Citrix ADC and Citrix Gateway 11.1 instances (MPX or VPX) to build 11.1.63.15 to install the security vulnerability fixes. It is necessary to upgrade all Citrix ADC and Citrix Gateway 12.0 instances (MPX or VPX) to build 12.0.63.13 to install the security vulnerability fixes.

    Nope, that doesn’t cover all the bases.

    We have moved forward the availability of permanent fixes for other ADC versions and for SD-WAN WANOP from our previous target dates as follows:

    • ADC version 12.1, now January 24
    • ADC version 13 and ADC version 10.5, now January 24
    • SD-WAN WANOP fixes, now January 24

    “Soon” being relative, I guess.

    UPDATE: As of early Tuesday morning, Kevin Beaumont reports that GreyNoise’s honeypots are trapping lots of attempts to break into Citrix Gateway systems.

    The top thirty most scanned URLs today are almost all Citrix Gateway related. If you haven’t patched or mitigated your devices, you’re likely in deep doo doo. There’s another nugget in that data, which is people are scanning for Citrix devices using other paths, e.g. font files etc – likely IDS avoidance technique.

    Details in Computerworld Woody on Windows.

    UPDATE: FireEye just released a tool that scans for infections. Citrix has details.