Good: IT admins scrambled to patch 80 per cent of public-facing Citrix boxes to close nightmare hijack hole

Good: IT admins scrambled to patch 80 per cent of public-facing Citrix boxes to close nightmare hijack hole

Bad: The other 20 per cent are still wide open. Also bad: Some of those patched machines may have been hacked


Roughly a fifth of the public-facing Citrix devices vulnerable to the CVE-2019-19781 remote-hijacking flaw, aka Shitrix, remain unpatched and open to remote attack.


Positive Technologies today estimated that thousands of companies remain open to the takeover vulnerability in Citrix ADC and Gateway. A successful exploit would give hackers a foothold in a compromised network.


The infosec biz, whose researchers discovered and disclosed the vulnerability in December of last year, has been heading up an awareness campaign to get as many of the estimated 80,000 Citrix customers worldwide patched and protected from the flaw.


Despite a massive push by Citrix, and others, to get vulnerable machines shored up, it is believed that thousands of machines worldwide, many in the US and UK, have not yet been fixed.


"Overall, the vulnerability is being fixed quickly, but 19 per cent of companies are still at risk. The countries with the greatest numbers of vulnerable companies currently include Brazil (43 per cent of all companies where the vulnerability was originally detected), China (39 per cent), Russia (35 per cent), France (34 per cent), Italy (33 per cent), and Spain (25 per cent)," Positive reports.


'Friendly' hackers are seemingly fixing the Citrix server hole – and leaving a nasty present behind


READ MORE

"The USA, Great Britain, and Australia are protecting th ..