Citrix will release the latest security updates that fix the leak in the company's servers on Friday. The Lower House has therefore put the Citrix servers back online, a spokesperson told NU.nl.
Earlier this week, patches were released for a number of versions of the Citrix software. Updates for versions 12.1 and 13.0 were added on Friday. Only for the version 10.5 no patch is available yet; Citrix will release this later on Friday.
The patches ensure that the vulnerability in the Citrix systems is addressed. For many municipalities, the Citrix servers therefore switched on again during the course of the week. The House of Representatives has put the servers online again on Thursday afternoon. "It is now possible to read emails and the agenda on mobile devices again," says a spokesperson for the House of Representatives.
At the end of last week, many Dutch organizations, including the House of Representatives and several ministries and municipalities, switched off the Citrix servers. A vulnerability in Citrix's servers enabled malicious parties to remotely have programming code played on a network. They could then take over the entire system.
Many Dutch companies use Citrix, among other things, to enable employees to work at home. That was not possible for many civil servants for a week.
"Keep monitoring the servers"
The National Cyber Security Center (NCSC) warns on Friday that patching Citrix software is only effective if the network of an organization is not compromised. "On the basis of your risk assessment you can determine to what extent this is plausible", according to the organization. The NCSC previously wrote that companies that took steps after January 9 to protect their systems could assume that their systems had been compromised.
A spokesperson for the House of Representatives emphasizes that before the servers were put back online, they were carefully tested to see whether they were safe again. "External experts were also consulted."
The NCSC advises organizations to continue to monitor for abuse after the installation of the patches.