Security News > 2020 > January > Citrix ships patches as vulnerable servers come under attack
Citrix has issued its first set of patches fixing a nasty vulnerability that's been hanging over some of its biggest products.
Patches for ADC and Citrix Gateway 11.1 and 12.0 were made available on 19 January with versions 12.1, 10.5, and 13.0 to follow on 24 January.
Until products are patched, Citrix advises customers apply the suggested mitigations, while bearing in mind.
As noted in Naked Security's recent coverage, the importance of the patches has been underlined by the recent detection of mass scanning for vulnerable appliances.
It's serious enough that the Dutch NCSC has even recommended turning off affected systems until patches can be applied just in case the official mitigations aren't foolproof.
News URL
Related news
- New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- New NachoVPN attack uses rogue VPN servers to install malicious updates (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Citrix shares mitigations for ongoing Netscaler password spray attacks (source)