Helient® Blog

HiveNightmare AKA SeriousSAM (CVE-2021-36934)

by Jared Barraford Managing Director What is the Vulnerability + Risk? It has been discovered through various independent security researchers that Microsoft Windows 10 dating back potentially to build 1809, including upgrades from earlier releases to 20H2, has inadvertently introduced overly permissive ACLs on critical system directories that contain sensitive information such as password hashes, […]

Read more >

Citrix ADC (NetScaler) New Security Vulnerabilities

by Daniel Ruiz Senior Solutions Architect Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. Citrix strongly recommends that affected customers install relevant updates as soon as possible.  If exploited could result in the following security issues. Vulnerabilities: CVE-2021-22919 – Unauthenticated requests […]

Read more >

Updated: Citrix Virtual Apps and Desktops (XenApp & XenDesktop) Security Vulnerability

by Daniel Ruiz Senior Solutions Architect Updated: July 14, 2021 Citrix recently announced a new vulnerability in Citrix Virtual Apps and Desktops (formally known as XenApp & XenDesktop) that if exploited, could allow a user of a Windows VDA with Citrix Profile Management or the Citrix Profile Management WMI Plugin installed with Local privilege escalation […]

Read more >

ESXi Upgrades Can Break Your Citrix ADC (NetScaler) Virtual Appliances

by Daniel Ruiz Senior Solutions Architect With the latest VMware vCenter Server & Cloud Foundation Vulnerabilities many organizations are rushing to upgrade the VMware infrastructure, and as a result breaking the Citrix ADC (NetScaler) Virtual Appliances. Before preforming an upgrade on your vSphere ESXi infrastructure, it is very important to check the latest Support matrix […]

Read more >

Critical Microsoft Print Spooler Vulnerability

by Christian Vindel Desktop & Applications Architect Microsoft has confirmed a remote code execution vulnerability regarding the Windows Print Spooler and has assigned CVE-2021-34527 for tracking purposes. The recently identified vulnerability is being publicly referred to as “PrintNightmare”. This vulnerability has a severity rating of 8 out of 10 and is marked as high. Please […]

Read more >

Multiple Vulnerabilities Discovered in Citrix ADC, Gateway & SD-WAN WANOP Appliances

by Daniel Ruiz Senior Solutions Architect Multiple vulnerabilities have been discovered in Citrix ADC (NetScaler), Citrix Gateway (NetScaler Gateway) and Citrix SD-WAN WANOP appliances. Citrix strongly recommends that affected customers install relevant updates as soon as possible.  If exploited could result in the following security issues. Vulnerabilities: CVE-2020-8299 – Network-based denial-of-service from within the same Layer 2 network segment […]

Read more >

VMware Announces vCenter Server & Cloud Foundation Vulnerabilities With 9.8 Serverity Rating

by Jared Hamilton Manager of Technical Operations VMware announced on May 25th, 2021 (Advisory ID: VMSA-2021-0010) two new vulnerabilities that target vCenter Server versions 6.5, 6.7 and 7.0 as well as Cloud Foundation (vCenter Server) versions 3.x and 4.x. Both vulnerabilities have a severity rating of 9.8 out of 10 and are marked as critical. […]

Read more >

Citrix Announces a New Citrix Workspace App Vulnerability

by Daniel Ruiz Senior Solutions Architect Citrix announces a new Citrix Workspace App vulnerability.  Customers should upgrade to a fixed version as soon as possible or check if the version they are running has been automatically updated. Vulnerabilities: The vulnerability could result in a local user escalating their privilege level to SYSTEM on the computer […]

Read more >

Multiple Security Flaws Discovered in Dell BIOS Drivers

by Timothy Higbie Desktop & Applications Architect Security researcher SentinelLabs recently discovered multiple security vulnerabilities in Dell’s BIOS firmware update driver.   These vulnerabilities have been in place since 2009 and affect 100s of millions of Dell PCs.  An attacker could use these BIOS vulnerabilities to elevate local kernel-mode privileges.  Such a privilege elevation could be […]

Read more >

Daylight Saving Time Alert – Important Reminder About Upcoming Clock Change

by Armen Gharibian Managing Director This is a reminder that Daylight Saving Time will begin at 2:00 AM (EST) on Sunday, March 14th. This semiannual time change can cause major problems with VDI environments such as machine registration issues, session disconnects, and group policy failures. Whether using Citrix Provisioning Services, Citrix Machine Creation Services, or […]

Read more >

1 2 3 13