Security News > 2020 > August > Microsoft Defender casts a jaundiced eye over Citrix, slams services in quarantine on suspicion of being malware
Those wondering when the Microsoft love-in with Citrix might end will be relieved to learn that Microsoft Defender decided yesterday that Citrix Broker and High Availability Services bore all the hallmarks of a trojan.
Administrators and users alike found that update 1.321.1319.0 of the malware masher left Citrix's platform a tad borked, with the Citrix Broker service gone from the Services console and the BrokerService.
The problem, according to Citrix, can occur on Delivery Servers and Citrix Cloud Connectors with Microsoft Defender installed.
Otherwise the broker services used to manage connections and sessions get shunted into quarantine and, alas, Citrix's wares are made unhappy.
Still, Citrix administrators will be relieved that at least the update did not sling an animated paperclip onto the screen, saying: "It looks like you're trying to do some virtualization. Would you like some help with that? Maybe with Windows Virtual Desktop in Azure?" .
News URL
https://go.theregister.com/feed/www.theregister.com/2020/08/14/microsoft_defender_citrix/
Related news
- New Microsoft script updates Windows media with bootkit malware fixes (source)
- Microsoft says attackers use exposed ASP.NET keys to deploy malware (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- Microsoft admits GitHub hosted malware that infected almost a million devices (source)