Category Archives: XenDesktop

Citrix Security Advisory Bulletins – March 2015

Here is a handy table listing the various Citrix Security bulletins for March 2015, including SSLv3, FREAK, NTP, GHOST, RSA and ShellShock advisories.
 

Security Bulletin: Updated: Products:
Citrix Security Advisory for CVE-2014-3566 – SSLv3 Protocol Flawhttps://support.citrix.com/article/CTX200238 March 19, 2015 NetScaler ADC NetScaler Gateway Secure Gateway

Storefront, Web Interface

XenMobile

 

Citrix Security Advisory for NTP Vulnerabilitieshttps://support.citrix.com/article/CTX200355  March 19, 2015 NetScaler ADC NetScaler Gateway
Citrix Security Advisory for glibc GHOST Vulnerability(CVE-2015-0235)https://support.citrix.com/article/CTX200391

 

March 19, 2015 Netscaler SDXXenServer 
Citrix Security Advisory for RSA Export Key FREAK Vulnerabilityhttps://support.citrix.com/article/CTX200491  March 13, 2015 NetScaler ADC NetScaler Gateway
Citrix Security Advisory for GNU Bash Shellshock Vulnerabilitieshttps://support.citrix.com/article/CTX200217  March 2, 2015 NetScaler ADC NetScaler Gateway Netscaler SDX

XenApp, XenDesktop

XenMobile

Thanks to Michael Pahl [Virtualization Sales Engineer – Rockies] for assembling this list of recent Citrix security bulletins into a single table.
 
 

Attempt to Boot PVS Target with BDM ISO Results in “No ARP Reply”

I recently ran into a problem booting a provisioned XenApp target using Provisioning Services 6.1. The target was set to boot a maintenance version of a known good vDisk. The resulting error was “No ARP Reply”.

noarpreply

This target was using a BDM .iso boot configuration, running under XenServer 6.02, and we were using Provisioning Server 6.1 with all latest available hotfixes.

If this same target was set to boot a Production/Testing version of the image, it would boot fine. At first it seemed the obvious problem was that there was a problem with the associated .avhd, but this exact problem was able to be replicated using another target device, and another .vhd image altogether.

It appears this may be a bug in the Provisioning Server 6.x product, but this problem can be worked around by adding the following registry entry on all your Provisioning Servers:

HKLM\Software\Citrix\ProvisioningServices\SkipBootMenu [DWORD]

Value Behavior

  • 0 Not Defined, normal behavior (default)
  • 1 Don’t send a boot menu to device. Automatically pick the first item that would been on menu and act as if it was the only version assigned, ignoring the device type.
This will eliminate the boot menu altogether, so may only be a usable workaround if this menu is not required in your environment.

Citrix also states that another client worked around this by using PXE instead of BDM.

 

 

Screen Flicker in Internet Explorer within XenDesktop Sessions

 

Problem:

When scrolling and doing mouse-overs in Internet Explorer (IE) frames or pages, within a Windows XP XenDesktop session, screen flicker is seen.

 

Solution:

You need to enable the following key in the registry:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

Value Name: "Force Offscreen Composition"

Data Type: DWORD

Value: 1

The following registry tweak forces off screen composition within Microsoft Internet Explorer 5 and above. This tweak will prevent against screen flicker when you view a web page that contains animated content.

For more information, see the following Citrix article:

https://support.citrix.com/article/CTX126216