Security News > 2020 > January > Bad news: Windows security cert SNAFU exploits are all over the web now. Also bad: Citrix gateway hole mitigations don't work for older kit
Easy-to-use exploits have emerged online for two high-profile security vulnerabilities, namely the Windows certificate spoofing bug and the Citrix VPN gateway hole.
Within hours of the NSA going public with details about its prized bug find, exploit writers posted working code demonstrating how the flaw can be abused to trick unpatched Windows computers into accepting fake digital certificates - which are used to verify the legitimacy of software, and encrypt web connections.
The Citrix VPN gateway bug CVE-2019-19781, dubbed Shitrix by the infosec community, is under active exploit in the wild.
Citrix has admitted that, for some installations running older firmware, its recommended mitigation techniques are not holding up against exploits.
An alert from the Dutch National Cyber Security Centre advises organizations that run Citrix ADC and Gateway boxes to consider turning off the machines entirely until the full-scale patch from Citrix is released on January 20.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/01/16/windows_citrix_patch_update/
Related news
- HTTP your way into Citrix's Virtual Apps and Desktops with fresh exploit code (source)
- AI’s impact on the future of web application security (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Here's what happens if you don't layer network security – or remove unused web shells (source)
- Security? We've heard of it: How Microsoft plans to better defend Windows (source)
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-27 | CVE-2019-19781 | Path Traversal vulnerability in Citrix products An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. | 9.8 |