downloadWhy can't I download this file?Citrix Receiver 14.9.6001.1 Download
  • Latest Citrix Receiver For Mac
  • Latest Citrix Receiver For Windows
  • Latest Citrix Receiver For Windows 10 64 Bit
  • Applicable Products

    After installing the latest Citrix Receiver 3.3, one of our techs began to experience crashes of their terminal sessions after about 1-2 minutes. I connected to my lab and installed the latest Citrix Receiver and was able to reproduce. This video shows you how to solve Citrix Receiver problem in Windows 10.Help support my channel by subscribing and turning on notifications - Lets help grow. An efficient virtual workspace app. The app is the most extensive technology the Citrix family of services has to offer. Citrix Workspace App is a universal software client that allows you to instantly access anytime, anywhere all your workspace services without the trouble of individually sign-on, confusing passwords, and complicated interfaces.

    CitrixReceiver
    • Citrix Workspace App
    • Receiver for Windows

    Description of Problem

    A vulnerability has been identified in Citrix Workspace app and Receiver for Windows that could result in local drive access preferences not being enforced allowing an attacker read/write access to the clients local drives which could enable code execution on the client device.

    This vulnerability has been assigned the following CVE number:

    • CVE-2019-11634: Remote Code Execution Vulnerability in Citrix Workspace app for Windows prior to version 1904 and Receiver for Windows to LTSR 4.9 CU6 version earlier than 4.9.6001.

    Citrix Receiver 14.9.6001.1 Download

    This vulnerability affects all versions of Citrix Workspace app for Windows and Receiver for Windows the fix is contained in Citrix Workspace app version 1904 or later and Receiver for Windows to LTSR 4.9 CU6 version 4.9.6001.

    This vulnerability does not affect Citrix Workspace app and Receiver on any other platforms.

    Mitigating Factors

    Latest

    Citrix strongly recommends that customers upgrade to the latest Citrix Workspace app for Windows and Receiver for Windows to address this vulnerability. In cases where the upgrade is not immediately possible applying a Client Selective Trust policy via GPO can be used to limit the exploitability of this vulnerability until the upgrade can be completed. The following settings must be set for both x86 and x64 hives and the client system must be rebooted to take effect.

    Set all FileSecurityPermission to 0, which means No Access (See CTX133565 for further details)

    And

    Set InstantiatedSecurityPolicyEditabledefault to false (See CTX128792 for further details)

    Note: Restarting Citrix Workspace app and Receiver is not sufficient to apply the changes, the operating system must be rebooted.

    What Customers Should Do

    A new version of Citrix Workspace app and Receiver for Windows has been released. Citrix strongly recommends that customers upgrade Citrix Workspace app to version 1904 or later and Receiver for Windows to LTSR 4.9 CU6 version 4.9.6001.

    The new Citrix Workspace app version is available from the following Citrix website location:

    The new LTSR version is available from the following Citrix website location:

    Single Sign-on (SSO) could stop working, after applying the security update, for browsers other than Internet Explorer unless explicitly configured. Use the following documentation to ensure proper configuration post fix installation:

    Acknowledgements

    Citrix thanks Ollie Whitehouse, Richard Warren and Martin Hill of NCC Group for working with us to protect Citrix customers.

    What Citrix Is Doing

    Latest Citrix Receiver For Mac

    Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at http://support.citrix.com/.

    Citrix

    Obtaining Support on This Issue

    If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.html.

    Reporting Security Vulnerabilities

    Latest Citrix Receiver For Windows

    Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 – Reporting Security Issues to Citrix

    Changelog

    Receiver

    Latest Citrix Receiver For Windows 10 64 Bit

    Date Change
    13th May 2019Initial publishing
    17th May 2019Clarified affected version statement
    24th May 2019Added 'Mitigating Factors' section