Citrix strongly recommends that customers upgrade their Windows and Linux Virtual Delivery Agents to versions that contain the fixes as soon as possible.
Windows Virtual Delivery Agent versions that contain the fixes are:
- Citrix Virtual Apps and Desktops 2305 and later versions
- Citrix Virtual Apps and Desktops 2203 LTSR CU3 and later cumulative updates
- Citrix Virtual Apps and Desktops 1912 LTSR CU7 and later cumulative updates
Linux Virtual Delivery Agent versions that contain the fixes are:
- Linux Virtual Delivery Agent 2305 and later versions
- Linux Virtual Delivery Agent 2203 LTSR CU3 and later cumulative updates
- Linux Virtual Delivery Agent 1912 LTSR CU7 hotfix 1(19.12.7001) and later cumulative updates
Note: Customers are recommended only to upgrade their Windows and Linux Virtual Delivery Agents to address this vulnerability.
The latest versions of Citrix Virtual Apps and Desktops are available from the following Citrix website location:
https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/
Extended support customers are recommended to contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/en-gb/support/open-a-support-case/
Additional Information:
Citrix Virtual Apps and Desktops and Citrix DaaS customers may use Citrix provisioning services, Machine creation services technologies, if applicable to update their non persistent Virtual Delivery Agents.
Citrix DaaS customers may use VDA Upgrade Service (VUS) to update their Windows persistent Virtual Delivery Agents for Remote PC Access, HDX Plus for Windows 365, and any other persistent or provisioned and dedicated catalogs. Customers are recommended to review the VUS Prerequisites to determine if they can use the VDA Upgrade Service.