After installing the January 2026 Microsoft security updates, Remote Assistance (msra.exe) no longer works on multiple Windows versions. This directly affects Citrix Director Shadowing, as the generated invite files can no longer be opened on patched systems.
The issue is caused by a security hardening related to CVE-2026-20824 – Windows Remote Assistance Security Feature Bypass Vulnerability. While the fix is technically correct from a security perspective, it currently breaks legitimate Remote Assistance workflows in enterprise environments. Continue reading “Workaround after Remote Assistance Error”Migration of Citrix databases
With the latest Citrix Virtual Apps & Desktops (CVAD) LTSR version, older SQL Server versions have been discontinued. If you want to keep your environment stable and supportable, there is no way around migrating the Citrix databases (site, logging, monitoring) to modern SQL servers (2019/2022). Whether cluster, always on or mirroring – the procedure remains essentially the same. In this article, I will show you step by step how to migrate securely.
1. Prerequisites
- Complete backups of all Citrix databases
- Backups/VM snapshots of the delivery controllers (DDCs)
- New SQL Server (Cluster, Always On or Mirror)
- Same SQL version on Principal and Mirror
Checklist for NetScaler (Citrix ADC) CVE-2025-5777 & CVE-2025-6543
On June 17, 2025, Citrix published a security advisory for CVE-2025-5777, followed by CVE-2025-6543 on June 25, 2025. Both are classified as critical and are actively being exploited in the wild.
Threat Overview
- CVE-2025-5777: Critical vulnerability due to improper input validation → leads to memory overread
- CVE-2025-6543: Enables memory overflow, potentially resulting in DoS or arbitrary code execution → Exploits available !
Continue reading “Checklist for NetScaler (Citrix ADC) CVE-2025-5777 & CVE-2025-6543”⚠️ Important: Simply applying the firmware update is not enough. You must manually terminate all active ICA and PCoIP sessions after patching to ensure the vulnerability is fully mitigated.
Install new Microsoft Teams (version 2) in Citrix
The New Teams version (sometimes also called Teams 2.0) will become the new standard for Microsoft’s communication platform from July 1, 2024. On October 1, 2024, the Classical Teams client in the VDI context will reach its end of support and, according to the latest news, its end of availability date on July 1, 2025. These end dates have been adjusted several times in recent weeks.
Checklist for NetScaler (Citrix ADC) CVE-2023-4966
Citrix issued an alert (10/10/2023) about a critical vulnerability (CVE-2023-4966) in all NetScaler (Citrix ADC) & Gateway systems. Several working exploits have been published.
Please note that simply updating the systems is not enough. The connection tokens must also be reset.
Important ! There are no patches for NetScaler (Citrix ADC) version 12.1 or older. These systems have reached their EOL and will therefore no longer be equipped with the necessary fix. In this case please update to the latest 13.0, 13.1 or 14.1 version.
The vulnerability allows anonymous remote code execution and thus unauthenticated attackers to take over various machines with root privileges.
Continue reading “Checklist for NetScaler (Citrix ADC) CVE-2023-4966”