Helient® Blog

Citrix Announces ShareFile Storage Zone Controller Vulnerability

By Richard Charlton Senior Systems Engineer Citrix recently announced that file encryption may have been mistakenly disabled after running the CTX269106 mitigation tool. This vulnerability (CVE-2021-22932) potentially allows for the clear text storage of data that should be encrypted. All customers running an on-premises version of ShareFile are advised to review their configuration to check […]

Read more >

Microsoft Word and Excel Macros for DeskSite and FileSite Expire August 26, 2021

by Jared Barraford Managing Director What is the Advisory? On July 16th, 2021, iManage has released an updated CSAR for all customers running DeskSite or FileSite builds on any version of 9.3.6 or earlier that requires an update to prevent Microsoft Word and Excel from disabling the use of the Save, Save As, Open and […]

Read more >

HiveNightmare AKA SeriousSAM (CVE-2021-36934)

by Jared Barraford Managing Director What is the Vulnerability + Risk? It has been discovered through various independent security researchers that Microsoft Windows 10 dating back potentially to build 1809, including upgrades from earlier releases to 20H2, has inadvertently introduced overly permissive ACLs on critical system directories that contain sensitive information such as password hashes, […]

Read more >

Citrix ADC (NetScaler) New Security Vulnerabilities

by Daniel Ruiz Senior Solutions Architect Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. Citrix strongly recommends that affected customers install relevant updates as soon as possible.  If exploited could result in the following security issues. Vulnerabilities: CVE-2021-22919 – Unauthenticated requests […]

Read more >

Updated: Citrix Virtual Apps and Desktops (XenApp & XenDesktop) Security Vulnerability

by Daniel Ruiz Senior Solutions Architect Updated: July 14, 2021 Citrix recently announced a new vulnerability in Citrix Virtual Apps and Desktops (formally known as XenApp & XenDesktop) that if exploited, could allow a user of a Windows VDA with Citrix Profile Management or the Citrix Profile Management WMI Plugin installed with Local privilege escalation […]

Read more >

ESXi Upgrades Can Break Your Citrix ADC (NetScaler) Virtual Appliances

by Daniel Ruiz Senior Solutions Architect With the latest VMware vCenter Server & Cloud Foundation Vulnerabilities many organizations are rushing to upgrade the VMware infrastructure, and as a result breaking the Citrix ADC (NetScaler) Virtual Appliances. Before preforming an upgrade on your vSphere ESXi infrastructure, it is very important to check the latest Support matrix […]

Read more >

Critical Microsoft Print Spooler Vulnerability

by Christian Vindel Desktop & Applications Architect Microsoft has confirmed a remote code execution vulnerability regarding the Windows Print Spooler and has assigned CVE-2021-34527 for tracking purposes. The recently identified vulnerability is being publicly referred to as “PrintNightmare”. This vulnerability has a severity rating of 8 out of 10 and is marked as high. Please […]

Read more >

Multiple Vulnerabilities Discovered in Citrix ADC, Gateway & SD-WAN WANOP Appliances

by Daniel Ruiz Senior Solutions Architect Multiple vulnerabilities have been discovered in Citrix ADC (NetScaler), Citrix Gateway (NetScaler Gateway) and Citrix SD-WAN WANOP appliances. Citrix strongly recommends that affected customers install relevant updates as soon as possible.  If exploited could result in the following security issues. Vulnerabilities: CVE-2020-8299 – Network-based denial-of-service from within the same Layer 2 network segment […]

Read more >

VMware Announces vCenter Server & Cloud Foundation Vulnerabilities With 9.8 Serverity Rating

by Jared Hamilton Manager of Technical Operations VMware announced on May 25th, 2021 (Advisory ID: VMSA-2021-0010) two new vulnerabilities that target vCenter Server versions 6.5, 6.7 and 7.0 as well as Cloud Foundation (vCenter Server) versions 3.x and 4.x. Both vulnerabilities have a severity rating of 9.8 out of 10 and are marked as critical. […]

Read more >

Citrix Announces a New Citrix Workspace App Vulnerability

by Daniel Ruiz Senior Solutions Architect Citrix announces a new Citrix Workspace App vulnerability.  Customers should upgrade to a fixed version as soon as possible or check if the version they are running has been automatically updated. Vulnerabilities: The vulnerability could result in a local user escalating their privilege level to SYSTEM on the computer […]

Read more >