Immediate patching urged as Sodinokibi ransomware gang targets vulnerable systems
Citrix has completed the process of releasing patches for all supported versions of its technology affected by the so-called ‘Shitrix’ vulnerability.
The now-infamous security flaw (CVE-2019-19781), which affects Citrix Application Delivery Controller (ADC) and Gateway products, first surfaced in mid-December.
Citrix initially offered advice on how to mitigate the vulnerability in December, but reports soon surfaced that miscreants were scanning for vulnerable systems en masse.
Proof-of-concept exploit code dropped earlier this month. This prompted Citrix to double down on its patch release schedule – a process it completed on Friday.
Immediate patching is strongly recommended.
Even so, this may come too late for many vulnerable and inter-accessible systems, which have been targeted with cryptomining and later ransomware attacks.
In response to this, Citrix teamed with FireEye to release a free scanning tool to check systems for prior exploitation.