Citrix Workspace 2001



  1. Citrix Workspace Homepage
  2. Citrix Workspace 2001 Mac
  3. Citrix Workspace 2012 Ltsr

Citrix provides a complete and integrated portfolio of Workspace-as-a-Service, application delivery, virtualization, mobility, network delivery and file sharing solutions that enables IT to ensure. Citrix Workspace app 2001 introduced a fundamental registration change for virtual channels which conflicts with previous Citrix Workspace installations. This has resulted in a known issue when upgrading from Citrix Workspace app 1912 or earlier to 2001 or later. This can be resolved by re-running the deviceTRUST Client installer. Probe Agent shows 'Workspace unreachable' on Windows Server 2016 & older and Windows 10 Solution Install.NET version 4.7.2 on the Probe Agent machine if not already installed and test again. When you install Citrix Workspace app, the Citrix Workspace app installer checks whether the Microsoft Visual C Redistributable package is present on the system and installs it if necessary. This document aims to guide you through the installation process of both. The policies along with a minimum of Citrix Workspace app 1912 for Windows or Citrix Workspace app 2001 for Mac can help protect data from keyloggers and screen scrapers. Anti-keylogging when enabled.

Workspace
downloadWhy can't I download this file?
  • If the key does not exist, the Windows default value will be used.
  • If the key exists but is set at too low a value, increase accordingly.
    • For most scenarios, it is recommended to set the ServicesPipeTimeout value to decimal 300000 (5 minutes).
  • Reboot the machine and confirm Citrix Profile Management service starts up successfully.

    • Solution 2 (WEM Agent considerations)
    If the Citrix Workspace Environment Management (WEM) Agent will be installed on the machine, be aware that during a default WEM Agent installation, the ServicesPipeTimeout value is set to 60000 (1 minute).
    If 1 minute is too low, change accordingly as per the steps shown in Solution 1 above.
    Citrix workspace 2010To prevent a default WEM Agent installation from changing the ServicesPipeTimeout value to 60000, installation cmdline parameters can be used to set the value to 300000:
    ”Citrix Workspace Environment Management Agent Setup.exe” /v”ServicesPipeTimeout=”300000””
    Solution 1 & 2 Notes:
    1. If no communications are possible after the timeout value, the Citrix Profile Management service will fail to start.
    2. Customers should investigate and resolve any communications issues between the Profile Management service and the remote logging machine, as part of the solution.

    Problem Cause

    On startup, the Citrix Profile Management service writes to the Profile Management logs specified by the PathToLogFile parameter. If the path to the log files have been configured to a remote machine, it is possible that network or other issues may either delay or prevent communications between the Citrix Profile Management service on the VDA and the remote machine. If this occurs the Citrix Profile Management service startup can timeout and fail. The timeout value is controlled by the system registry key: ServicesPipeTimeout
    The default ServicesPipeTimeout value for Windows operating systems is decimal 300000 (5 minutes). However some applications like WEM Agent and other third party apps may change the ServicesPipeTimeout value during installation.

    Additional Resources

    Microsoft support article: A service does not start, and events 7000 and 7011 are logged in the Windows event log
    Install and configure WEM Agent for on-premise deployments:
    https://docs.citrix.com/en-us/workspace-environment-management/current-release/install-and-configure/agent-host.html
    Install and configure WEM Agent for Cloud Workspace Environment Management deployments:
    https://docs.citrix.com/en-us/workspace-environment-management/service/install-and-configure.html
    downloadWhy can't I download this file?Citrix Workspace Homepage

    Description of Problem

    A vulnerability has been identified in the automatic update service of Citrix Workspace app for Windows that could result in:

    • A local user escalating their privilege level to that of an administrator on the computer running Citrix Workspace app for Windows.

    • A remote compromise of the computer running Citrix Workspace app when Windows file sharing (SMB) is enabled.

    The issue has the following identifier:

    Citrix Workspace 2001 Mac

    • CVE-2020-8207

    This vulnerability affects the following supported versions of Citrix Workspace app for Windows:

    • Citrix Workspace app 2002, 2006 and 2006.1 for Windows
    • Citrix Workspace app 1912 LTSR for Windows (before CU1 Hotfix 1)

    Note that this vulnerability was originally reported against a subset of the versions above. However, further investigation has discovered potential variant forms of this attack and the affected versions have been amended accordingly.

    This vulnerability does not affect Citrix Workspace app on any other platforms or any supported versions of Citrix Receiver.

    Mitigating Factors

    Workspace

    This vulnerability only exists if Citrix Workspace app was installed using an account with local or domain administrator privileges. It does not exist when a standard Windows user installed Citrix Workspace app for Windows.

    A remote compromise is only possible when the user has enabled Windows file sharing (SMB) and only when the updater service is running. If authentication is required for SMB then an attacker must be able to authenticate before they could exploit this issue.

    Users with automatic updates enabled and applied should have already been updated to a fixed version.

    What Customers Should Do

    The issue has been addressed in the following versions of Citrix Workspace app for Windows:

    • Citrix Workspace App 2008 or later
    • Citrix Workspace App 1912 LTSR CU1 Hotfix 1 (19.12.1001) and later cumulative updates

    Note that these versions have been updated since the original publication of this bulletin.

    Citrix strongly recommends that customers check if the version they are running has been automatically updated and, if necessary, upgrade to a fixed version as soon as possible.

    The latest version of Citrix Workspace app for Windows is available from the following Citrix website location:

    The latest LTSR version of Citrix Workspace app for Windows is available from the following Citrix website location:

    Acknowledgements

    Citrix would like to thank Ceri Coburn at Pen Test Partners for working with us to protect Citrix customers during both the initial disclosure of this issue and subsequent variants.

    What Citrix Is Doing

    Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at http://support.citrix.com/.

    Workspace

    Obtaining Support on This Issue

    If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.html.

    Reporting Security Vulnerabilities

    Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For details on our vulnerability response process and guidance on how to report security-related issues to Citrix, please visit the Citrix Trust Center at https://www.citrix.com/about/trust-center/vulnerability-process.html.

    Changelog

    Citrix Workspace 2012 Ltsr

    Date Change
    2020-07-21Initial Publication
    2020-09-08Revision of fixed versions