Security hole in the Citrix Presentation Server Client has been closed
A new version of the Citrix Presentation Server Client closes a security hole which could be exploited by attackers to execute arbitrary code on clients. The security advisory published by Citrix does not, however, provide detailed information on this vulnerability.
The bug concerns the support for making ICA connections through proxy servers. Visiting a manipulated web page is enough to execute malicious program code on the client. The Client is a component of the Citrix products Program Neighborhood, Program Neighborhood Agent and Web Client.
This vulnerability is present in all versions of the Presentation Server Client for Windows earlier than 10.0. Version 10.0 closes this security hole, and affected users are strongly recommended to upgrade to this version.
- Vulnerability in Citrix Presentation Server Client for Windows could result in arbitrary code execution, security advisory from Citrix
- Download the updated software