Chocolatey is software management automation for Windows that wraps installers, executables, zips, and scripts into compiled packages. Chocolatey integrates w/SCCM, Puppet, Chef, etc. Chocolatey is trusted by businesses to manage software deployments. Download Why can't I download this file? Log in to Verify Download Permissions. Applicable Products. Citrix Workspace App. The issue is addressed in Citrix Workspace App for Windows 1912 LTSR - Cumulative Update 1. Known issue with version 1912 LTSR (LCMRFWIN-2211) Was this page helpful? Sorry to hear that. Download the Citrix Application Probe Agent 2001. Find it on the CVAD 1912 LTSR downloads page after expanding Components that are on the Component ISO but also packaged separately. On a physical machine in a remote office, install Workspace app 1903 or newer if it isn’t installed already. Citrix Virtual Apps 7 1912 LTSR StandardOnly Citrix provides a complete virtual app and desktop solution to meet all your business needs. Give employees the freedom to work from anywhere while cutting IT costs. Deliver Windows, Linux, and web business applications or full virtual desktops from any.
Hello,
I tried to Update from Workspace App 1912 LTSR (19.12.0.119) to CU1 via the built-in autoupdate mechanism.
Every time I'm trying to install the update it fails after the download during installation.
The CitrixAutoUpdate.log shows this Error:
2020/7/28 12:6:10 : Error : BootStrapperValidator::validateXMLBufferWithXSD (666) : Validation failed Code: 80004005, Code Meaning: Unbekannter Fehler (unknown error), msxml6.dll, /schema/complexType[3][@name = 'InstallerType']
Das Schema ist nicht deterministisch. (The scheme is not deterministic)
Problem mit Element oder Namespaces [##any, WinCodeSignKeyPins]. (problem with element or namespaces)
Any suggestions or experieances with this upgrade?
This vulnerability does not affect Citrix Workspace app on any other platforms or any supported versions of Citrix Receiver.
Mitigating Factors
This vulnerability only exists if Citrix Workspace app was installed using an account with local or domain administrator privileges. Download inforad driver. It does not exist when a standard Windows user installed Citrix Workspace app for Windows.
A remote compromise is only possible when the user has enabled Windows file sharing (SMB) and only when the updater service is running. If authentication is required for SMB then an attacker must be able to authenticate before they could exploit this issue.
Users with automatic updates enabled and applied should have already been updated to a fixed version.
What Customers Should Do
Citrix Receiver Workspace App For Windows
The issue has been addressed in the following versions of Citrix Workspace app for Windows:
- Citrix Workspace App 2008 or later
- Citrix Workspace App 1912 LTSR CU1 Hotfix 1 (19.12.1001) and later cumulative updates
Note that these versions have been updated since the original publication of this bulletin.
Citrix strongly recommends that customers check if the version they are running has been automatically updated and, if necessary, upgrade to a fixed version as soon as possible.
The latest version of Citrix Workspace app for Windows is available from the following Citrix website location:
The latest LTSR version of Citrix Workspace app for Windows is available from the following Citrix website location:
Acknowledgements
Citrix would like to thank Ceri Coburn at Pen Test Partners for working with us to protect Citrix customers during both the initial disclosure of this issue and subsequent variants.
What Citrix Is Doing
Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at http://support.citrix.com/.
Obtaining Support on This Issue
If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.html.
Reporting Security Vulnerabilities
Citrix Workspace 1912 Download
Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For details on our vulnerability response process and guidance on how to report security-related issues to Citrix, please visit the Citrix Trust Center at https://www.citrix.com/about/trust-center/vulnerability-process.html.
Changelog
| Date | Change |
| 2020-07-21 | Initial Publication |
| 2020-09-08 | Revision of fixed versions |