Citrix has issued the first of several updates fixing a critical vulnerability in various versions of its Citrix Application Delivery Controller (ADC) and Citrix Gateway products. Several versions of the products still remain unpatched but they will be getting a patch sooner than they were slated to. Citrix originally said some versions would get a patch Jan. 31, but it has now shortened that timeframe, saying fixes are forthcoming on Jan 24 (Friday of this week). The vulnerability was originally disclosed in December, but Citrix announced it would not be issuing fixes for the products until late January
Source: https://threatpost.com/citrix-patch-rollout-critical-rce-flaw/152041/