New Citrix Receiver



Citrix Workspace app is a new client from Citrix that works similar to Citrix Receiver and is fully backward-compatible with your organization’s Citrix infrastructure. Citrix Workspace app provides the full capabilities of Citrix Receiver, as well as new capabilities based on your organization’s Citrix deployment. Citrix Workspace app is a new client from Citrix that works similar to Citrix Receiver and is fully backward-compatible with your organization’s Citrix infrastructure. Citrix Workspace app provides the full capabilities of Citrix Receiver, as well as new capabilities based on your organization’s Citrix deployment. With the Citrix HDX RealTime Media Engine plug-in installed, you cannot start a session after you upgrade Citrix Receiver for Windows to Version 4.9 LTSR Cumulative Update. LD1814 Seamless Windows. When you open a new window within a published application, the icon of the published application might disappear from the taskbar. Follow the steps below to uninstall an old version of Citrix Receiver on your home computer for Windows. Once uninstalled, you will be able to install the new Citrix Receiver. Open Control Panel Programs and Features or Add remove programs. Click Start Menu Click Control Panel New Remote Access Citrix.

downloadWhy can't I download this file?

Description of Problem

A vulnerability has been identified in Citrix Workspace app and Receiver for Windows that could result in local drive access preferences not being enforced allowing an attacker read/write access to the clients local drives which could enable code execution on the client device.

This vulnerability has been assigned the following CVE number:

• CVE-2019-11634: Remote Code Execution Vulnerability in Citrix Workspace app for Windows prior to version 1904 and Receiver for Windows to LTSR 4.9 CU6 version earlier than 4.9.6001.

This vulnerability affects all versions of Citrix Workspace app for Windows and Receiver for Windows the fix is contained in Citrix Workspace app version 1904 or later and Receiver for Windows to LTSR 4.9 CU6 version 4.9.6001.

This vulnerability does not affect Citrix Workspace app and Receiver on any other platforms.

Mitigating Factors

Citrix strongly recommends that customers upgrade to the latest Citrix Workspace app for Windows and Receiver for Windows to address this vulnerability. In cases where the upgrade is not immediately possible applying a Client Selective Trust policy via GPO can be used to limit the exploitability of this vulnerability until the upgrade can be completed. The following settings must be set for both x86 and x64 hives and the client system must be rebooted to take effect.

Set all FileSecurityPermission to 0, which means No Access (See CTX133565 for further details)

And

Set InstantiatedSecurityPolicyEditabledefault to false (See CTX128792 for further details)

Note: Restarting Citrix Workspace app and Receiver is not sufficient to apply the changes, the operating system must be rebooted.

What Customers Should Do

A new version of Citrix Workspace app and Receiver for Windows has been released. Citrix strongly recommends that customers upgrade Citrix Workspace app to version 1904 or later and Receiver for Windows to LTSR 4.9 CU6 version 4.9.6001.

Mac

The new Citrix Workspace app version is available from the following Citrix website location:

The new LTSR version is available from the following Citrix website location:

Latest Citrix Receiver For Mac

New

Single Sign-on (SSO) could stop working, after applying the security update, for browsers other than Internet Explorer unless explicitly configured. Use the following documentation to ensure proper configuration post fix installation:

Acknowledgements

Citrix thanks Ollie Whitehouse, Richard Warren and Martin Hill of NCC Group for working with us to protect Citrix customers.

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at http://support.citrix.com/.

Obtaining Support on This Issue

Receiver

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.html.

Reporting Security Vulnerabilities

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 – Reporting Security Issues to Citrix

Changelog

Citrix Receiver Web

Latest citrix receiver install
Date Change
13th May 2019Initial publishing
17th May 2019Clarified affected version statement
24th May 2019Added 'Mitigating Factors' section

Hello All,

I have been tasked with configuring/deploying our MS-Edge GPO for thousands of devices and that will include the citrix storefront. I am running into two issue I cant seem to find answers for. Keep in mind we are talking about the new chromium based Edge v86. I have the most current admx files and such.

1. Upon the first run, when you navigate to Workspace.domain.com you are prompted to install or detect the Citrix Receiver. All devices have the receiver installed so I assume its just a matter of associating the receiver to Edge ie getting Edge to see it. Is there an Edge GPO responsible for this or does the solution reside in the registry?

2. Once you click through, you are prompted,

New Citrix Receiver Download

'This site is trying to open Citrix Receiver Launcher.

Citrix Receiver Download

https://workspace.domain.com wants to open this application.

Always allow workspace.domain.com to open links of the type in the associated app.'

I have two policies I thought that would take care of that.

- UC/Policies/Admin Temp/Edge/ Show an 'Always open' checkbox in external protocol dialog' - set to Enabled

- UC/Policies/Admin Temp/Edge/Define a list of protocols that can launch an external application from listed origins without prompting the user - set to enabled. (I found this solution here: https://support.citrix.com/article/CTX285038) I have the format as stated in the article but maybe I didnt do it correctly?

Any help with making a seamless experience for the user to open workspace and it will open without any prompts is the goal here. If i manually accpet all the prompted everything is working perfectly so this is the last piece of the puzzle. I thank you in advance for any help and am still new to GPOs so keep that in mind.