NetScaler Times newsletter for Week 9 - 2025

Hello Everyone

It’s Andrew again over at Cloud Software Group. This NetScaler Times update aims to keep you up-to-date! ?? Why read this? The idea is to pull together events, firmware releases, support articles, and anything else I think is relevant into a single email.

High-level agenda for this week:

• This is a NetScaler Times newsletter with security updates, firmware builds, and other relevant news.
• Three CVEs were posted last week, but none triggered code updates in the latest NetScaler releases.
• The latest firmware builds for NetScaler are listed, with no major changes from last week.
• NetScaler Console service now supports importing and synchronizing StyleBooks from privately-hosted GitLab/GitHub repositories.
• End of Sale and End of Life dates for appliances are provided.
• Other updates include documentation changes and news about Apple removing its Advanced Data Protection feature in the UK and a $1.5 billion crypto heist.

1. NetScaler Security updates from the last week:

CVE Updates

These three CVE’s were posted last week(if you missed it!). There was a client update (the first one), a NetScaler Console update, and new information about something posted last summer. Something that is ‘interesting’, is that none of these triggered actual code updates in the latest release(s) of NetScaler / Console itself.

• Citrix Secure Access Client for Mac Security Bulletin for CVE-2025-1222 and CVE-2025-1223. The support doc is here
• CVE-2024-12284, Console vulnerability. The support doc is here
• CVE-2024-6387, OpenSSH issue update. The full post is here

Anil Shetty posted some supporting material about CVE-2024-12284: High-severity security update for NetScaler Console

Read more here

NetScaler WAF Signatures Update v146 updated on the 20th Feb

The latest version of its integrated Web App Firewall signatures helps customers mitigate several CVEs with varying CVSS scores. Link to details

2. The latest firmware builds.

The details for the various builds have been listed below, as this helps plan for new releases in your environment. This support document has a lot more information?on the different release cycles.

The NetScaler has multiple form factors to support different environments. NetScaler is built on a single operating system with a software-based architecture, so the behavior will be the same regardless of which is used — hardware, virtual machine, bare metal, or container. Pick one that works for you…

Latest Build Versions:

Here is a timeline for the 14.1 and 13.1 builds to show where they are within their respective release lifecycle.

Here are all the firmware builds in a table:

There were no big build changes last week. The NetScaler Console had a point release..

NetScaler Console Service update

February 19, 2025 - StyleBooks - Support for accessing privately-hosted GitLab/GitHub repositories and Infoblox IPAM

NetScaler Console service StyleBooks now allows you to import and synchronize StyleBooks and Configpacks from GitLab/GitHub repositories that are privately hosted and are accessible only within an enterprise’s intranet.

For more information, see Import and Synchronize StyleBooks from an external repository and Configure IP address management (IPAM).

Which release should I use?

The release families are designed such that 14.1 has more elements changing with each update, hence the feature phase designation. There will be fewer changes in 13.1, so unless you need a capability that is only available in the 14.1 release, the advice is to choose 13.1 for most production deployments.

An example of the move to 14.1, might be that you want to not need the ALB in Azure with your NetScaler HA deployment..read more here. Could save some $$$ or ￡￡￡..

End Of Sale Appliances

These appliances are End of Sale (unavailable to buy new now), they will live and run for 5 more years from 2024.

EOL Appliances

Here is a table showing the significant EOL appliance events for the next 12 months. April looks to have a few appliances that will reach their end of life.

3. NetScaler-related updates from docs!

There were a few other updates from around the web, the bulk of NetScaler news focused on the topics in section 1 :-)

Responder action and policy examples | AppExpert

6 days ago — To block access by using the NetScaler command line: At the command prompt, type the following commands to block access: add responder action ...

Obtaining the MAC address, serial number, and host properties of the appliance

5 days ago — A Media Access Control address (MAC address) is a unique identifier assigned to network interfaces for communication on the physical network segment.

4. Apple is removing its Advanced data Protection feature in the UK

21 Feb 2025

Following recent reports that the United Kingdom was seeking access to end-to-end encrypted data on Apple platforms, the company on Friday announced that it would be phasing out its iCloud Advanced Data Protection (ADP) feature in the UK. As of February 21, users in the country can no longer enable the feature; those users who currently have it on will have to disable it soon.

Read more here

5. Bybit Confirms Record-Breaking $1.5 Billion Crypto Heist..

Cryptocurrency exchange Bybit on Friday revealed that a "sophisticated" attack led to the theft of over $1.5 billion worth of cryptocurrency from one of its Ethereum cold (offline) wallets, making it the largest ever single crypto heist in history.

"The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic," Bybit said in a post on X.

More here

6. Feedback for this newsletter

Naturally, if something you feel should be added/removed or called out, drop me a note; at [email protected]. All mistakes are mine.

You can get all the previous newsletters plus other articles here:

NetScaler Substack portal

Have a great week!