It's not often that you will see it, but Citrix has warned of a vulnerability in its Presentation Server Client that can be exploited by hackers on machines running one of the world's most popular thin-client applications. 

The flaw was identified by Juniper Networks.
On its website, Citrix states: "The Citrix Presentation Server Client for Windows includes support for making ICA connections through proxy servers. An implementation flaw in this functionality may allow an attacker to execute arbitrary code in the context of the client process.
"This vulnerability could potentially be exploited by any malicious Web site visited by the user. This vulnerability is likely to be exploitable in most client deployments.
"This vulnerability is present in versions 9.230 and earlier of the Citrix Presentation Server Client for Windows."
Citrix advises its customers to upgrade to Version 10 of its software to guard against attacks.
"This vulnerability has been addressed in the Citrix Presentation Server Client for Windows version 10.0 and later. Citrix strongly recommends that customers upgrade their Citrix Presentation Server Client for Windows to version 10.0 and later. These upgrades can be obtained from the following location:
http://www.citrix.com/English/SS/downloads/downloads.asp?dID=2755
To accommodate customers who are unable to immediately move to Citrix Presentation Server Client for Windows version 10.0, a limited release version of the older client containing a fix for this issue is also available. This version of the client (9.237) will provide a temporary work-around until version 10.0 can be deployed. Please refer to the following Knowledge Base article for further information:
http://support.citrix.com/article/CTX112669 "