Sign in / up

back to article Don't panic, but it's only a matter of time before critical 'CitrixBleed 2' is under attack

Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum, although there haven't been any reports of active exploitation. Yet. Security analyst Kevin Beaumont dubbed the …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Screepy

    Upgraded our NetScalers this morning, surprisingly the download portal was working (last time it melted when every sys admin hit it at the same time).

    The recommendation to run the kill pcoipConnections and icaConnections makes this upgrade slightly more annoying as you'll punt all your users off even if you're using HA pairs.

    May your upgrades run in calm seas

    2 0 Reply
    1. Screepy
      Reply Icon

      Bah!

      Another crit vuln just been announced.

      Ver . 13.1.59.15 now available to install

      0 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        We're on 14.1 and upgrade to build 47.46 is on the way already (HA secondaries updated; session migration underway; waiting for some ICA sessions to end before upgrading the other pairs)

        Curiously Citrix published two 14.1 versions for the earlier vulnerability this article talks about - but 47.46 is also a fix for today's CTX694788...

        0 0 Reply
  2. chuckufarley
    IT Angle

    'Why are you even reading this story?"

    Because I have refused to touch Citrix for over two decades now. And I need a good laugh. Ha F'in Ha.

    Stop paying companies to produce crap! You are supposed to be smart people and there has never been an excuse for Citrux!

    2 2 Reply
    1. tip pc Silver badge
      Reply Icon

      Re: 'Why are you even reading this story?"

      what alternative do you recommend?

      2 0 Reply
      1. Sandtitz Silver badge
        Reply Icon

        Re: 'Why are you even reading this story?"

        I wouldn't expect a (coherent) answer from our friend Chuck. I think he already exhausted his talents with that post.

        2 0 Reply
  3. Sparkypatrick

    Now being exploited

    Citrix have updated the bulletin to say that it is now being actively exploited.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like