The Channel logo

News

By | John Leyden 6th March 2007 14:21

Windows-like flaw hits Citrix

Welcome to our world

A flaw in Citrix's Presentation Server Client creates a means for hackers to compromise machines running the popular thin-client application.

The vulnerability stems from an unspecified bug involving support for Independent Computing Architecture (ICA) connections through a proxy server. ICA is an application server protocol used by Citrix products.

If successfully exploited, the vulnerability might be harnessed to inject malware onto vulnerable systems running maliciously constructed websites.

The exploit scenario is all too familiar to users of Windows fat client PCs, but unusual to users of generally far more secure thin clients, contributing to the bug's critical rating.

Users are advised to update to version 10.0 of Citrix's software to guard against possible attacks based on the flaw, which affects Citrix Presentation Server Client version 9.x and below. Citrix credits the discovery of the flaw to Karl Lynn of Juniper Networks. Citrix's advisory on the flaw can be found here. ®

alert Send corrections

Opinion

Windows 10 on Surface 3

Tim Anderson

It's do-or-die for Microsoft's new operating system on 29 July
Wine Taps by N Wong, Flickr, CC 2.0 License

Simon Sharwood

Clouds sell compute by the glass. On-premises kitmakers want to sell wine-as-a-service

Greg Knieriemen

Privacy, security, information sovereignty, what we all want, right?
Microsoft's Joe Belfiore, speaking at Build 2015

Andrew Orlowski

Redmond devotees may as well have demanded manga desktop wallpaper

Features

Android icon desktop toys
Nice devices, now speak 'enterprise' to me
Standard Form 86 reads like a biography of each intelligence worker
Protestor barricade image via Shutterstock
Breaking through the hardware barricades to a new network state
Racecar