The Channel logo


By | John Leyden 6th March 2007 14:21

Windows-like flaw hits Citrix

Welcome to our world

A flaw in Citrix's Presentation Server Client creates a means for hackers to compromise machines running the popular thin-client application.

The vulnerability stems from an unspecified bug involving support for Independent Computing Architecture (ICA) connections through a proxy server. ICA is an application server protocol used by Citrix products.

If successfully exploited, the vulnerability might be harnessed to inject malware onto vulnerable systems running maliciously constructed websites.

The exploit scenario is all too familiar to users of Windows fat client PCs, but unusual to users of generally far more secure thin clients, contributing to the bug's critical rating.

Users are advised to update to version 10.0 of Citrix's software to guard against possible attacks based on the flaw, which affects Citrix Presentation Server Client version 9.x and below. Citrix credits the discovery of the flaw to Karl Lynn of Juniper Networks. Citrix's advisory on the flaw can be found here. ®

alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


Suit-and-tie-wearing man tries to meditate, take deep breaths in faux yoga pose. Photo by Shutterstock
Emotional intelligence, not tech skills, is the way to woo suits
League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe