This week, Citrix released updates for critical flaws in Workspace applications for Windows and Linux, as well as Virtual Apps and Desktops. The Virtual Apps and Desktops vulnerability, identified by the tracking number CVE-2023-24483, is characterised as a privilege escalation problem that enables an attacker with access to a Windows VDA as a regular Windows user to escalate rights to System. All Citrix Virtual Apps and Desktops versions prior to 2212, as well as LTSR versions 2203 prior to CU2 and 1912 prior to CU6, are affected by the security flaw. Citrix fixed two flaws that may be used to elevate privileges and carry out activities as the System user in the Workspace app for Windows.