Index | Site Map | FAQ | Facility Info | Reading Rm | New | Help | Glossary | Contact Us |
Background on Potential Public ADAMS Client Software Vulnerability and Recommended ActionsNRC’s Agencywide Documents Access and Management System (ADAMS) provides both Web-based and Citrix-based access methods. On March 2, 2007, a Computer Incident Advisory Capability (CIAC) Information Bulletin was released by the U.S. Department of Energy which discussed a significant vulnerability in the Microsoft Windows client provided by Citrix Systems, Inc. The vulnerability affects only versions of the CITRIX client earlier than version 10.0 for the Microsoft Windows Operating System. It does not affect the ADAMS Web-based access method or other CITRIX clients, such as those for Apple Macintosh, Java, or UNIX.ProblemThe Citrix Presentation Server Client for Windows has a flaw that may allow an attacker to gain access to information on the user’s computer. Additional details can be obtain from Citrix Systems, Inc. web page. Applicable ToUsers who access NRC ADAMS via the Citrix Presentation Server client for Windows with versions earlier than 10.0. SolutionThis vulnerability has been addressed beginning with Citrix Presentation Server Client for Windows version 10.0. Citrix strongly recommends that customers upgrade to this version. NRC has therefore revised the ADAMS Citrix Web page to enable the upgrade process. Users working in a business environment may wish to contact their system administrator prior to upgrading the software. Citrix version 10.0 is also available for download on the Citrix Web page . To upgrade now, follow the instructions under “IT Security Alert” in the ADAMS System Notices Box when you return to the ADAMS Citrix Web page. |
Privacy Policy |
Site Disclaimer |