Hotfix DSE100W2K3X64006 - For Citrix Desktop Server 1.0 for Windows Server 2003Hotfix readme name:
Hotfix package name:
For: Citrix Desktop Server 1.0 x64 Edition
Caution! This hotfix may require you to edit the registry. Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.
This document describes the issue(s) solved by this hotfix and includes installation instructions. For more information, see your product Administrator's Guide located on the product CD or installed on your servers.
This security fix is designed to enhance security with published applications by making their names harder to predict. To achieve this, the fix appends a token to the Application Name when the application is published. The token is a circumflex followed by a random combination of eight characters/digits. For example, if you publish Microsoft Word with an Application Name of "MS Word" and a Display Name of "Word," users see "Word" when enumerating the application, and an .ica file lists the application as #"MS Word^XXXXXXXX." No changes are made to the application's Display Name (the name of the application as it appears in client interfaces) except for Program Neighborhood custom connections, where the Display Name is equal to the Application Name as it appears in the application's Properties page in the console.
Important Notes:
You must install this fix on all servers in the farm.
Application names that contain special characters must be enclosed within quotation marks when using a command line to launch the application, for example, "MS Word^XXXXXXXX."
Only the Application Names of applications you publish after you install this fix are changed as described.
The Application Names of applications already published when you install this fix are not modified. To update previously published applications within the farm, run dscheck /SecureApp.
Modifying previously published applications by running dscheck /SecureApp can create backward compatibility issues with older .ica files that do not contain the updated Application Name. To prevent such compatibility issues, you can choose to:
Not update previously published applications
Selectively revert the Application Name to the previous format by deleting the token from the updated Application Name in the application's Properties page.
For more information, see Knowledge Center article CTX115245.
[From DSE100W2K3X64003]
In response to customer feedback, this fix modifies Fix #172653 so that security tokens are no longer appended to the application name by default when you publish an application. While the feature continues to be available, it is no longer enabled by default. Instead, you must enable it manually by setting the following registry key:
On 32-bit Windows:
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\IMA
Name: EnableSecurityTokenForNewApp
Type: DWORD
Data: 0x1
On 64-bit Windows:
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA
Name: EnableSecurityTokenForNewApp
Type: DWORD
Data: 0x1
For more information, see Knowledge Center article CTX115245.
[From DSE100W2K3X64006]
This fix addresses a security vulnerability. For more information, see Knowledge Center article CTX115245.
[From DSE100W2K3X64006]
Notes:
This hotfix is packaged with Microsoft Windows Installer 3.0 as a .msp file. For more information about deploying these, see Microsoft article 884016 or visit the Microsoft Web site and search on keyword msiexec.
To install this hotfix successfully, servers must not have registry modification restrictions in place.
This hotfix might or might not prompt you to restart the server when the installation or uninstallation is complete. If you are using the Access Suite Console, you must restart the server after installing or uninstalling this hotfix to ensure that the hotfix is added to or removed from the console's hotfix inventory list.
To install this hotfix:
Copy the hotfix package to an empty folder on the hard drive of the server you want to update.
Close all applications.
Run the executable.
Restart the server.
If you are using the Access Suite Console, restart the server to ensure the hotfix is added to the console's hotfix inventory list.
To uninstall this hotfix:
From the Start menu, select Settings > Control Panel.
In Control Panel, double-click Add/Remove Programs.
Highlight the hotfix you want to uninstall and click Remove.
Follow the directions on-screen.
If you are using the Access Suite Console, restart the server to ensure the hotfix is removed from the console's hotfix inventory list.
File Name |
Date |
Time |
Size |
CPatch.exe |
06/12/2008 |
04:41p |
106,496 |
CPatchbackup_Files.vbs |
06/12/2008 |
04:41p |
2,885 |
CPatchRestore_Files.vbs |
06/12/2008 |
04:41p |
5,488 |
CPatchUI.dll |
06/12/2008 |
04:41p |
4,608 |
ctxrpc64.dll |
05/22/2008 |
02:24p |
38,024 |
ImaAppSAL64.dll |
05/22/2008 |
02:18p |
211,968 |
imamfrpc_client64.dll |
05/22/2008 |
02:19p |
95,744 |
ImaMsgsUI.dll |
05/22/2008 |
02:18p |
49,152 |
LmsSal64.dll |
05/22/2008 |
02:18p |
114,688 |
mfappsal64.dll |
05/22/2008 |
02:19p |
235,008 |
MfPnSal64.dll |
05/22/2008 |
02:18p |
60,416 |
MfPrintSal64.dll |
05/22/2008 |
02:18p |
136,704 |
MfSrvSal64.dll |
05/22/2008 |
02:18p |
509,440 |
PS450RegBackup.vbs |
06/12/2008 |
04:41p |
5,076 |
UpdatePath.vbs |
06/12/2008 |
04:42p |
1,196 |
wfshellUI.dll |
05/22/2008 |
02:19p |
53,248 |
wsxica.dll |
05/22/2008 |
02:24p |
1,559,312 |
X64DupFileFolderDelete.vbs |
06/12/2008 |
04:42p |
4,494 |
dscheck.exe (x32) |
05/22/2008 |
02:20p |
184,320 |
ImaAppSal.dll (x32) |
05/22/2008 |
02:19p |
163,840 |
ImaAppSs.dll (x32) |
05/22/2008 |
02:24p |
364,680 |
ImaMfRpc_Client.dll (x32) |
05/22/2008 |
02:20p |
59,392 |
ImaMsgsUI.dll (x32) |
05/22/2008 |
02:20p |
49,152 |
MfRpcSs.dll (x32) |
05/22/2008 |
02:24p |
299,144 |
seamls20.dll (x32) |
05/22/2008 |
02:20p |
102,400 |
wfshellUI.dll (x32) |
05/22/2008 |
02:20p |
53,248 |
File Name |
MD5 Checksum |
||
DSE100W2K3X64006.msp |
5D0741B6AA945C98F8E8DA681E326494 |
||
CPatch.exe |
A3813F561F885FFB03DEB6CC5F844EAF |
||
CPatchbackup_Files.vbs |
26FFE12EE9D01798C12108C535E94AE8 |
||
CPatchRestore_Files.vbs |
963696384CC9682B91A2D35CC5E1629B |
||
CPatchUI.dll |
9D08CB47D3963B1062AE194AD3A0EC8B |
||
ctxrpc64.dll |
B495ED1D438428EE4A6467328D589605 |
||
ImaAppSAL64.dll |
75F91392E74DE546666ADE74F6059F75 |
||
imamfrpc_client64.dll |
E051EEFE389BEADDD00E45FDEDC7B047 |
||
ImaMsgsUI.dll |
51D85B6FADD7F7B44223D293B3B374C6 |
||
LmsSal64.dll |
AB78A3063BF7458DEC6BAD0A98450FA4 |
||
mfappsal64.dll |
CDCD764B31F303524C825BE52A6A8A23 |
||
MfPnSal64.dll |
009EE381B8DB714340263BFF9613DA24 |
||
MfPrintSal64.dll |
D1443591BE7BF021E289D01468924D32 |
||
MfSrvSal64.dll |
CF863F8B57BA367B564F244072182F49 |
||
PS450RegBackup.vbs |
143C296213DDDA06950A825A12A091AA |
||
UpdatePath.vbs |
133861D33EA233BFC7551239C65B2D45 |
||
wfshellUI.dll |
5FC1CFEE1411A91717D34BF97BF81D09 |
||
wsxica.dll |
258BEE8752FC19CA3A6EBDCBFA4483D9 |
||
X64DupFileFolderDelete.vbs |
CCCA14F3D022CF2BF987165B495CF708 |
||
dscheck.exe (x32) |
85ADDA64BAF81DFD0925CEC742025B4A |
||
ImaAppSal.dll (x32) |
52D5A672AE0AD5DA0D6649308ED1946D |
||
ImaAppSs.dll (x32) |
A7B862A325A4A967F1B93A773D4BAF50 |
||
ImaMfRpc_Client.dll (x32) |
42D0325FC777826330A228795C276DD1 |
||
ImaMsgsUI.dll (x32) |
51D85B6FADD7F7B44223D293B3B374C6 |
||
MfRpcSs.dll (x32) |
5E68A49F8A850FACEEFD67CD54C1F111 |
||
seamls20.dll (x32) |
1B3D7A113EEEEECEDFDE765F7A8EDD82 |
||
wfshellUI.dll (x32) |
5FC1CFEE1411A91717D34BF97BF81D09 |
||
