GHOST Security Advisory

  • Published:
  • Updated:
  • Author: Stratodesk

Stratodesk Ghost Advisory

GHOST is the name of a security vulnerability that affects the gethostbyname() C library function. While many Linux systems are affected, the severity of the issue highly depends on the circumstances.

We believe that in NoTouch, the circumstances are low-risk in pure VMware and Citrix environments because an attack would most probably require a prior full hostile takeover of the VDI server environment. If that happens, there is no gain in going after the clients as the attacker already has full access.

In environments where the local Firefox browser is used, different attack vectors exist.

To remove any doubt, we have updated our OS to use glibc 2.19 and produced 2.39.207 that is available for our customers in our download portal (visit www.stratodesk.com/login).

Additionally, we strongly recommend that customers update their management virtual appliances constantly, as is described in our Knowledge Base.

Share this

GHOST Security Advisory

Stratodesk Ghost Advisory

GHOST is the name of a security vulnerability that affects the gethostbyname() C library function. While many Linux systems are affected, the severity of the issue highly depends on the circumstances.

We believe that in NoTouch, the circumstances are low-risk in pure VMware and Citrix environments because an attack would most probably require a prior full hostile takeover of the VDI server environment. If that happens, there is no gain in going after the clients as the attacker already has full access.

In environments where the local Firefox browser is used, different attack vectors exist.

To remove any doubt, we have updated our OS to use glibc 2.19 and produced 2.39.207 that is available for our customers in our download portal (visit www.stratodesk.com/login).

Additionally, we strongly recommend that customers update their management virtual appliances constantly, as is described in our Knowledge Base.

Stratodesk and deviceTRUST Announce Their Collaboration Delivering the Most Secure Endpoint Environment
March 21, 2023

deviceTRUST and NoTouch OS ease the path for customers on their zero-trust security journey San…

Read more
Stratodesk and deviceTRUST Better Together
March 20, 2023

Authored by: Adam Cook and Sven Jansen Stratodesk and deviceTRUST have partnered together to bring…

Read more
Stratodesk Provides Real Value for the Channels – An Interview with Paul Austin, Stratodesk’s New VP of Global Channels
March 13, 2023

Stratodesk is delighted to welcome Paul Austin to Stratodesk as the new VP of Global…

Read more

Subscribe to our newsletter:

Back To Top