Citrix releases first fixes for ADC bug
Citrix has released the first permanent fixes for the critical vulnerability recently found in versions of the Citrix Application Delivery Controller (ADC) software that is now being actively exploited.
The Australian Cyber Security Centre warned last week that cybercriminals are performing scans for organisations vulnerable to the exploit, which potentially enables arbitrary code execution. At the time there was no patch available.
Citrix has now released fixes for two versions of the Citrix ADC, as well as the Citrix Gateway Virtual Appliances. The company has also brought forward to Friday its planned release date for fixes for the remaining impacted ADC versions, as well as its SD-WAN optimisation service.
The company is urging businesses to apply the fixes immediately. Companies still running the yet-to-be-patched versions of the software have been advised to implement Citrix's list of previously released mitigation steps and then use a provided tool to ensure they have been implemented correctly.
Citrix added that it has assigned extra staff to its support centres to guide customers through the patch implementation process if needed.
CrowdStrike says it found a killswitch in DeepSeek
CrowdStrike alleges that Chinese LLM DeepSeek-R1 is more likely to produce insecure code, or...
Sophos integrates its threat intelligence platform with Copilot
Sophos has announced the launch of integrations between its Intelix cyberthreat intelligence...
Lakera launches framework for testing LLM security
Check Point’s Lakera has developed an open-source framework for testing the security of...
