Citrix XenApp and XenDesktop Remote Vulnerability Fix Released

Citrix has released an update to fix a potentially serious remotely exploitable security issue in their Citrix XenApp and XenDesktop products. (This might be what you are using in your VDI environment). As of 25 Feb 2011, we are not aware of any publicly available exploit.

The following products are affected:
– XenApp 5.0 for Windows Server 2003 x64
– XenApp 5.0 for Windows Server 2003 x86
– XenApp 6.0 for Windows Server 2008 R2
– XenApp Fundamentals 3.0
– XenApp Fundamentals 6.0 for Windows Server 2008 R2
– XenDesktop 4 x32
– XenDesktop 4 x64
– Feature Pack 1 for Presentation Server 4.5

References:
http://support.citrix.com/article/CTX128169

email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity
Twitter: twitter.com/patchmanagement

Share

Leave a Reply