MS12-020 and Citrix XenDesktop

Last Tuesday Microsoft has released a critical hotfix affecting Remote Desktop Services for versions of Windows commonly used as part XenDesktop and XenApp environments. Microsoft is strongly recommending that customers apply this immediately.

Click here for more information about this patch.

Citrix has tested this patch with XenApp and XenDesktop, and is listed in the Microsoft Security Patch Validation Report for March 2012.

Microsoft’s March 2012 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are Continue reading “MS12-020 and Citrix XenDesktop”

MS12-020: Critical RDP security issue

This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.

This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerabilities by modifying the way that the Remote Desktop Protocol processes packets in memory and the way that the RDP service processes packets. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Continue reading “MS12-020: Critical RDP security issue”

XenDesktop 5.5 Hotfix Rollup Pack 1

New Fixes and Enhancements in This Rollup

This rollup introduces the following fixes that have not been previously released:

HDX 3D Pro Printing
HDX MediaStream Site Administration
HDX Plug and Play Session/Connection
Installing, Uninstalling, Upgrading Smart Cards
Logon/Authentication System Exceptions

HDX 3D Pro

  1. With HDX 3D Pro enabled, the Virtual Desktop Agent screen can become unresponsive at logon.[From XD550VDAWX86100][#LA0456] Continue reading “XenDesktop 5.5 Hotfix Rollup Pack 1”

XenServer 6.0.2 available for download

As of today Citrix XenServer version 6.0.2 is available for download here. You are required to have a MyCitrix account to download this software. If you don’t have an account please register.

New Features and Improvements Since XenServer 6.0

We are pleased to announce availability of XenServer 6.0.2. This version includes a number of new features and ongoing improvements to XenServer 6.0, including:

  • Emergency Network Reset: Network Reset provides a simple mechanism to recover and reset a host’s networking configuration to its original state at fresh installation. This is also useful when you simply want to configure networking on a host from scratch, and helps to recover a host from an incorrectly configured state. Refer to CTX131972for detailed information.
  • Enhanced Guest OS Support. Support for CentOS 5.7 (32/64-bit), CentOS 6.0 (32/64-bit), Red Hat Enterprise Linux 5.7 (32/64-bit), Oracle Enterprise Linux 5.7 (32/64-bit). Refer to CTX131973for virtual memory and disk size limits for these new guests. Continue reading “XenServer 6.0.2 available for download”

Citrix released hotfix for VDI

Hi guys,

Citrix has released a Hotfix Rollup Pack 1 for VDI-in-a-Box 5.0.

This fix repairs the following issue:

Users receive the following error message when trying to connect to VDI-in-a-Box desktops through an HDX connection: “You cannot access this session because no licenses are available.”

You can download the hotfix here.

EEPC 6.1 Hotfix HF715674 now available

Hi guys,

McAfee has released a hotfix HF715674 for McAfee Endpoint Encryption for PC 6.1 Patch 2 or 3 (6.1.2, 6.1.3).

This hotfix is a workaround for the following issue:

  • You are not authorized for this operation (after upgrading to EEPC 6.1 Patch 2 or 3 when attempting to retrieve the recovery key).

For more information, see KnowledgeBase article KB73327 (https://kc.mcafee.com/corporate/index?page=content&id=KB73327).

You can get the hotfix from the McAfee Downloads site using a valid Grant Number.

McAfee Agent 4.6 Patch 1 available

Hi guys,

McAfee Agent 4.6 Patch 1 Windows and Extension  are now available from the McAfee ServicePortal (https://mysupport.mcafee.com) and McAfee Downloads site (http://mcafee.com/us/downloads).

You can only download these files with an authorized and valid McAfee Grant number.

Greetz,

Jack

 

McAfee VSE 8.8 Patch1

Hi guys,

Patch 1 for VirusScan Enterprise 8.8 is now available from the locations below:

Patch 1 is considered a Mandatory release. For information on ratings, see KnowledgeBase article KB51560: https://kc.mcafee.com/corporate/index?page=content&id=KB51560

Customers with McAfee Application Control or Solidcore version 5.1.2 should be aware of the issue and resolution described in KnowledgeBase article KB73274:
https://kc.mcafee.com/corporate/index?page=content&id=KB73274

Documentation:

ePO Hotfix to Remediate Apache HTTP Server

Hello friends,

On August 20, 2011, the Apache Software Foundation released a vulnerability announcement (CVE-2011-3192) concerning a flaw in the way the Apache HTTP Server handles Range HTTP headers that could result in a Denial of Service (DoS) attack.
Because McAfee ePolicy Orchestrator versions 4.0, 4.5, and 4.6.x make use of the Apache HTTP Server software, McAfee has developed Hotfix 701318 to remediate this issue for ePO 4.5 and 4.6.x.

IMPORTANT: ePO 4.0 reached End of Life (EOL) on September 30, 2011. Users with ePO 4.0 must upgrade to a current supported version of ePO to apply the hotfix.
To access the Hotfix, log into the ServicePortal at: http://mysupport.mcafee.com, click Download Software Updates under Self Service and locate the entry: EPolicy Orchestrator EPOHF701318.

For more information on this issue, see KB73310https://kc.mcafee.com/corporate/index?page=content&id=KB73310