back to article As miscreants prey on thousands of vulnerable boxes, Citrix finally emits patches to fill in hijacking holes in Gateway and ADC

Citrix has rushed out official fixes for the well-publicised vuln in some of its server products after miscreants were seen deploying their own custom patches that left a backdoor open for later exploitation. As previously reported, vulnerabilities in Citrix Application Delivery Encoder and Citrix Gateway could allow remote …

  1. Anonymous Coward
    Anonymous Coward

    "Rush"

    Is that a new definition of the word? It's been a month!

    1. Griffo

      Re: "Rush"

      And they knew about for quite a while before it went public. For a so called "security" company they did a completely crap job at managing this super basic flaw.

  2. macjules Silver badge
    Paris Hilton

    "We urge customers to immediately install these fixes.

    Citrix's Fermin Serna said in a statement: "We urge customers to immediately install these fixes.

    Hang on a sec. A hacker would say something exactly like that though. How can we be assured that Citrix's Fermin Serna really said that?

  3. 0laf Silver badge
    FAIL

    CVE on the 17th Dec, Citrix put out information publicly on 24th Dec. Good day to bury bad news eh?

  4. Buzzword

    Boxes? Boxes?!!1!!!11eleven!!1!

    The plural form is "boxen", Gareth. You used to know this sort of thing:

    https://www.theregister.co.uk/2019/02/27/elasticsearch_malware_cisco_talos/

    https://www.theregister.co.uk/2018/11/13/google_cloud_onboarding_box_eu/

    Did the Reg's style guide change?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020