| |
|||
| Index | Site Map | FAQ | Facility Info | Reading Rm | New | Help | Glossary | Contact Us | |
||
Background on Potential Public ADAMS Client Software Vulnerability and Recommended ActionsNRC’s Agencywide Documents Access and Management System (ADAMS) provides both Web-based and Citrix-based access methods. On March 2, 2007, a Computer Incident Advisory Capability (CIAC) Information Bulletin was released by the U.S. Department of Energy which discussed a significant vulnerability in the Microsoft Windows client provided by Citrix Systems, Inc. The vulnerability affects only versions of the CITRIX client earlier than version 10.0 for the Microsoft Windows Operating System. It does not affect the ADAMS Web-based access method or other CITRIX clients, such as those for Apple Macintosh, Java, or UNIX.ProblemThe Citrix Presentation Server Client for Windows has a flaw
that may allow an attacker to gain access to information on the user’s
computer. Additional details can be obtain from Citrix
Systems, Inc. Applicable ToUsers who access NRC ADAMS via the Citrix Presentation Server client for Windows with versions earlier than 10.0. SolutionThis vulnerability has been addressed beginning with Citrix
Presentation Server Client for Windows version 10.0. Citrix strongly
recommends
that customers upgrade to this version. NRC has therefore revised
the ADAMS Citrix Web page to enable the upgrade process. Users working
in a business environment may wish to contact their system administrator
prior to upgrading the software. Citrix version 10.0 is also available
for download on the Citrix
Web page To upgrade now, follow the instructions under “IT Security Alert” in the ADAMS System Notices Box when you return to the ADAMS Citrix Web page. |
|
Privacy Policy |
Site Disclaimer |
web
page.