Microsoft Defender casts a jaundiced eye over Citrix, slams services in quarantine on suspicion of being malware

Those wondering when the Microsoft love-in with Citrix might end will be relieved to learn that Microsoft Defender decided yesterday that Citrix Broker and High Availability Services bore all the hallmarks of a trojan.
Administrators and users alike found that update 1.321.1319.0 of the malware masher left Citrix's platform a tad borked, with the Citrix Broker service gone from the Services console and the BrokerService.
The problem, according to Citrix, can occur on Delivery Servers and Citrix Cloud Connectors with Microsoft Defender installed.
Otherwise the broker services used to manage connections and sessions get shunted into quarantine and, alas, Citrix's wares are made unhappy.
Still, Citrix administrators will be relieved that at least the update did not sling an animated paperclip onto the screen, saying: "It looks like you're trying to do some virtualization. Would you like some help with that? Maybe with Windows Virtual Desktop in Azure?"
News URL
https://go.theregister.com/feed/www.theregister.com/2020/08/14/microsoft_defender_citrix/