Citrix, Sophos software affected by leap year 2024 bugs

February 29

Citrix and Sophos products were hit by leap year bugs that caused unexpected problems.

Leap years solve the synchronization problem caused by the Gregorian calendar, which measures a year in 365 days, while the astronomical year has 365.24 days. During leap years, an extra day is added on February 29 to correct this difference.

However, the leap year solution can cause problems in computer systems as their software may not be programmed to account for that extra day, causing unexpected errors.
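The failure mode described above, as an added illustration (not code from Citrix, Sophos or the original article, and not a statement about the root cause of either incident, which the article does not give). It puts two fragile date routines beside hardened forms and checks them against constructed edge dates; all function names are hypothetical.

```python
import calendar
from datetime import date

def add_years_naive(d: date, years: int) -> date:
    # Fragile: assumes the same month/day exists in the target year.
    # Raises ValueError for 29 February when the target year is not a leap year.
    return d.replace(year=d.year + years)

def add_years_safe(d: date, years: int) -> date:
    # Hardened: clamp the day to the last valid day of that month
    # in the target year (29 Feb -> 28 Feb in a non-leap year).
    target = d.year + years
    last_day = calendar.monthrange(target, d.month)[1]
    return d.replace(year=target, day=min(d.day, last_day))

def is_leap_naive(year: int) -> bool:
    # Fragile: ignores the Gregorian century rules (1900 and 2100 are not leap years).
    return year % 4 == 0

# Constructed edge dates around the leap day, used as test input.
EDGE_DATES = [date(2023, 2, 28), date(2024, 2, 28),
              date(2024, 2, 29), date(2024, 3, 1)]

def failing_dates(func, dates=EDGE_DATES):
    """Return the edge dates on which func(d, 1) raises ValueError."""
    failures = []
    for d in dates:
        try:
            func(d, 1)
        except ValueError:
            failures.append(d)
    return failures

def leap_rule_mismatches(start: int = 1900, end: int = 2400):
    """Years where the naive rule disagrees with the standard library."""
    return [y for y in range(start, end + 1)
            if is_leap_naive(y) != calendar.isleap(y)]

if __name__ == "__main__":
    print("naive fails on:", failing_dates(add_years_naive))
    print("safe fails on: ", failing_dates(add_years_safe))
    print("naive leap rule wrong for:", leap_rule_mismatches())
```

Running the same edge dates through any date-handling routine in a release test suite catches this class of defect before February 29 does.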

Citrix hit by leap year bug

The first signs of the problem became apparent earlier today when multiple users on the vendor’s support forums reported that the Citrix HDX HTML5 Video Redirection Service stopped working on all Virtual Delivery Agent (VDA) machines.

The service is part of Citrix’s suite of virtualization products used in telecommuting, education, content delivery and multimedia applications. It improves the user experience when streaming video content in a virtual desktop or application session through playback optimizations that redirect HTML5 video processing from the server to the client.

Users reported that environments with different configurations were affected by the service outage, matching the issue described in a thread first created on February 29, 2020, when the last leap year occurred.

Soon users made the connection between today’s date and the creation of the thread, realizing that they were dealing with a leap year bug that was causing unexpected behavior.

Some users suggested changing the system date from February 28, 2024 and quickly restarting the Citrix service without rebooting, which reportedly worked.

Suggested date change fix (Citrix Support Forums)

Unfortunately, this solution is impractical for those managing many servers, as they must manually change the time for each of the affected endpoints, and restarting the server could disrupt operations.

Finally, Citrix responded to user reports with a bulletin, saying that the issue only started after restarting the VDA, and the vendor suggested the following workaround until a permanent fix is ready:

  1. Stop the time service from automatically changing to the correct date
  2. Change the date to March 1, 2024
  3. Stop and start CtxHdxWebSocketService (Citrix HDX HTML5 Video Redirection Service)
  4. Restart the time service.

Alternatively, users can run the following command via an elevated command prompt as an administrator:


net stop w32time & date 03-01-2024 & net start CtxHdxWebSocketService & net start w32time

Citrix says its engineering team is working on a fix so customers don’t have this problem during the next leap year, February 29, 2028.

It’s unclear if this “bug” will resolve itself tomorrow, March 1, 2024, or if it will cause a permanent outage that could last until an official fix is issued.

Sophos also impacted

Sophos also announced that Sophos Endpoint, Sophos Server and Sophos Home may experience issues in the form of unexpected security certificate validation warnings for HTTPS websites if the devices are rebooted on February 29, 2024.

This error only appears if the ‘SSL/TLS decryption of HTTPS websites’ setting is enabled in the antivirus software, which is used to decrypt secure web connections so that the content can be scanned for malicious scripts. This setting is probably enabled for most security software users.

An error was detected in the affected browsing sessions (Sophos)

The vendor has offered various solutions for the affected products, summarized as follows:

  • Sophos Endpoint – Sophos has automatically disabled SSL/TLS decryption for all users to prevent problems. An upcoming software update will fix this, after which users should reverse any manual disabling of decryption.
  • Sophos Server version 2023.1.x – If you have problems, manually disable SSL/TLS decryption; as of March 1, 2024, restarting the server will resolve the issue and the settings should be restored as desired.
  • Sophos Server version 2023.2.x – Sophos has disabled SSL/TLS decryption via a policy override for everyone. A software update is planned to reverse this change, and users should subsequently restore their settings if they manually disabled decryption.
  • Sophos Home – Users experiencing problems should disable SSL/TLS decryption. It is recommended to restart and re-enable decryption settings on or after March 1, 2024.

Leap year problems around the world

The leap year has caused a number of problems with computer systems around the world today, perhaps the most significant being the outage at Allied Petroleum’s self-service petrol stations in New Zealand.

Another victim of the leap year glitch appears to be Sweden’s leading grocer, ICA, which was reportedly unable to accept card payments today “due to an internal issue caused by the date”.

Also, reports from Japan say the leap year has disrupted driver’s license issuance in four prefectures, forcing authorities to make an emergency transition to unaffected systems.
