Installing patch for PVS vulnerability–Step-by-step guide

As you could read in this post Citrix has released a patch/update for all of its Provisioning Services versions.

This post is written with PVS 6.1 in mind and is only the PVS server side. The target device update will be posted on a different post.

Prerequisites:

The user must have administrative rights to the server.

• The server install consists of the console and server installation programs

• You must uninstall before using any of the installations included in hotfix

• Included with the target installation programs are the binaries so that they can be used to replace the present binaries without reimaging the target device.

To install this hotfix:

1. Download the hotfix package from the Hotfixes and Service Packs page of the Citrix Web site at http://www.citrix.com.

2. Copy the hotfix package to an empty folder on the hard drive of the server you want to install the hotfix from and unzip the file.

Steps to install the hotfix:

INSTALLATION

The hotfix folder includes the following subfolders:

• Console
• Device
• Target32
• Target64
• Server

Each of these directories include the installation application for the Provisioning Services console, target device software and Provisioning Services server respectively for 32 and 64 bit operation systems, x64 in the file names signifies 64 bit operating system… Please check your Provisioning Services installation for system type and select the correct installation to apply the hotfix following the procedure described below.

Step by step installation guide

For this step-by-step guide I’ve used a server which has all components installed locally (DHCP/SQL Express/ PXE)

1. Make sure that the Provisioning Services Console and Provisioning Services Configuration Wizard are closed.
2. Uninstall Provisioning Services console and Provisioning Services server installation.
1. This guide installs the software in the following sequence:
1. PVS Server
2. PVS Configuration Wizard
3. PVS Console

3. Select the version which is correct for your system type. Select “Next” to start the installation of the PVS server.
   
4. Accept the EULA and select “Next” to continue
   
5. Enter the user name and organization name and choose for which user the installation is visible and select “Next” to continue
   
6. Select the folder where the installation of the PVS server should be installed and select “Next” to continue
   
7. Choose whether you want to do a complete install or a custom install (I choose “Complete”) and click “Next” to continue
   
8. Click “Install” to start the installation
   
9. Click “Finish” after the installation is completed.
   
10. This warning shows when you don’t have the PVS console installed yet.
    
11. After the message about the PVS console the Configuration Wizard installation starts automatically. Select “Next” to start the installation
    
12. Select where your DHCP scope options are stored. For this guide I choose that the DHCP service runs on the same computer as PVS is installed. For POC or test environments this is a possibility. For production environments this is not recommended. Click “Next” to continue
    
13. Choose which PXE service you use. For this guide I choose DHCP running on the same server. Click “Next” to continue
    
14. Select the option that the farm is already configured (which is true as this is an update). Click “Next” to continue
    
15. Select the correct user account credentials for the network service account. Click “Next” to continue
    
16. Answer “Yes” at the question to check the account for the database
    
17. Enter the AD computer account reset days. Recommended is setting this value under the default value of the AD policy (30 days). Default in the Citrix PVS installation is 7 days. Click “Next” to continue
    
18. Choose which NIC is used for streaming the vDisk to the clients (if applicable) and which ports to be used for communication. Click “Next” to continue
    
19. Enter if you want to use the TFTP option and select the boot file. Click “Next” to continue
    
20. Check the network settings and alter if needed. Click “Next” to continue
    
21. Review the settings and click “Finish” to start the installation.
    
22. This screen is shown during the installation and starting of the services. Click “Done” when the installation is complete and the services have started.
    
23. After the installation of the Configuration Wizard is complete go to the installation directory and select the correct version of the PVS console.
    
24. Click “Next” to start the installation of the console
    
25. Accept the EULA and click “Next” to continue
    
26. Enter the user and organization name and click “Next” to continue
    
27. Select the installation path and click “Next” to continue
    
28. Choose whether you want to use the complete or custom install. Click “Next” to continue
    
29. Select “Install” to start the installation of the PVS console.
    
30. Click “Finish” to complete the installation of the PVS console.
    

The second part of this upgrade / installation of the patch will soon follow.