Urgent alert to update Citrix products

Friday, 17 November 2023


    Does your organisation use Citrix products? An urgent alert to all Australian organisations to update their Citrix software

    Cybercriminals ramp up their activities during the holiday season and take full advantage of the diluted vigilance of Australians and while offices are normally closed. Your business cyber defences and security operations need to be on the money before the Holiday Season begins.

    The Australian Signals Directorate (ASD) has published an urgent alert about a system vulnerability in older versions of Citrix products - NetScaler ADC and Netscaler Gateway - which are commonly used by Australian businesses. The alert can be viewed on the cyber.gov.au website here: Citrix Products NetScaler ADC and NetScaler Gateway Vulnerabilities | Cyber.gov.au

    We encourage all Australian organisations to firstly identify whether they use these products and then to ensure they install the updated versions as soon as possible.

    ASD’s ACSC is aware of organisations that have delayed applying the updates allowing malicious actors to exploit the vulnerability to gain unauthorised access to their networks. For some organisations this has resulted in significant downtime and disruption to their business operations. A relatively small downtime investment to make the software update could save significant disruption (and your Holiday Season!). To help plan and schedule the software updates, review your server usage patterns, peak hours and maintenance windows to minimise business downtime.

    Please contact the Australian Cyber Security Hotline 1300 CYBER1 (1300 292 371) for any questions, or report incidents related to these vulnerabilities via ReportCyber at cyber.gov.au.

    Latest news

    This is of of your complimentary pieces of content

    This is exclusive content.

    You have reached your limit for guest contents. The content you are trying to access is exclusive for AICD members. Please become a member for unlimited access.