Citrix Workspace app 2212 for Windows Technology Preview

Release Date: Nov 17, 2022

Citrix Workspace app 2212 for Windows

Nov 17, 2022
269 MB - (.exe) Download File

Version: 22.12.0.17 (2212)

Checksums
  • SHA-256 - A7475E7D37F58EE25A59882AE4F85B2A8688BDE3D333A159D22F0C5AF0032582

Note: This is an Early Access Build shared for the purpose of testing/validation with the intent to make organizations ready for the upcoming release and is NOT advised to be deployed in production environments.

What's New in 2212

Auto-update version control

Administrators can now manage the auto-update version for the devices in the organization.

Administrators can control the version by setting the version in the maximumAllowedVersion property in the Global App Config Service.

Example JSON file in Global App Config Service:

"AutoUpdate": {

"userOverride": false,

"AutoUpdatePluginsSettings": [

    {

    "pluginSettings":

{       "upgradeToLatest": false,       "maximumAllowedVersion": "22.9.0.3934",                }

,

    "pluginName": "WorkspaceApp",

    "pluginId": "1CDF566D-B2C7-47F-6283C862E1D6"

  }

When the version is set, Citrix Workspace app on the user’s device is automatically updated to the version specified in the maximumAllowedVersion property.

Note:

  • To achieve auto-update version control, upgradeToLatest setting in the Global App Config Service must be set to false. If this is true, maximumAllowedVersion will be ignored.
  • Do not modify the pluginId as this is mapped to Citrix Workspace app.
  • If the administrator hasn’t configured the version in the Global App Config Service, Citrix Workspace app is updated to the latest available version by default

Force login prompt for Federated identity provider

Citrix Workspace app now honors Federated Identity Provider Sessions setting. For more information, see Citrix Knowledge Center article CTX253779.

You no longer need to use Store authentication tokens policy to force the login prompt.

Enhancement to App Protection: Anti-DLL Injection [Technical Preview]

Anti-DLL Injection feature protects Citrix Workspace app from unauthorized dynamic-link libraries (DLL) or untrusted modules. If any untrusted module gets injected, the Citrix Workspace app detects such intervention and stops the module from loading.

Previously, this tech preview feature was applicable only for protected virtual apps and desktops. With this release, we have enhanced the scope of the Anti-DLL Injection feature. This feature now:

  • protects all virtual apps or desktop sessions
  • protects Citrix Workspace app authentication window (on-premises deployment/StoreFront)
  • exits the session immediately when an untrusted or malicious DLL already exists on the protected component
  • displays a notification when an untrusted or malicious DLL is blocked. 

To enable this feature, do the following:

  1. Import the admx/adml file. For more information, see Group Policy Object administrative template.
  2. Open the Citrix Workspace app Group Policy Object administrative template by running gpedit.msc.
  3. Under the Computer Configuration node, go to Administrative Templates > Citrix Components > Citrix Workspace > SelfService.
  4. Select the Anti-DLL Injection policy and set it to Enabled.
  5. Click Apply and then OK.

Administrators can also exclude any DLL from the anti-DLL protection scan by enabling the Anti-DLL Module Allow List policy. 

To add DLLs to the Allow list, do the following:

  1. Import the admx/adml file. For more information, see Group Policy Object administrative template.
  2. Open the Citrix Workspace app Group Policy Object administrative template by running gpedit.msc.
  3. Under the Computer Configuration node, go to Administrative Templates > Citrix Components > Citrix Workspace > SelfService.
  4. Select the Anti-DLL Module Allow List and set it to Enabled.
  5. Add the DLL information to be excluded in the Module Allow List field.
  6. Click Apply and then OK.

Note: Restart the Citrix Workspace app to apply the changes.

Disclaimer:

Anti-DLL Injection work by filtering access to required functions of the underlying operating system (specific API calls required to load DLLs). Doing so means that Anti-DLL Injection can provide protection even against custom and purpose-built hacker tools. However, as operating systems evolve, new ways of loading DLLs can emerge. While we continue to identify and address them, we cannot guarantee full protection in specific configurations and deployments.

You can register for this technical preview by using this Podio form.

NoteTechnical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.

Support for default installation of App Protection

App Protection component is now installed by default during the Citrix Workspace app installation. 

The Enable app protection check box that appears during the installation is replaced with Start App Protection after installation.

When you select this check box, App Protection starts immediately after the installation.

Note: If you do not enable this check box, App Protection automatically starts upon the first start of a protected resource or component.

You can also install the App Protection component using the /startappprotection command line parameter. However, the previous /includeappprotection switch is deprecated.

App Protection enhancement: Screen capture detection and notification

Starting from this release, you can view a notification when a possible attempt of screen capture is made on any protected resources. For information on the resources protected by App Protection, see What does App Protection protect?.

The notification appears when there is an:

  • attempt to take a screenshot or record video through a screen-capturing tool.
  • attempt to take a screenshot through the Print Screen key.

NoteThe notification appears only once per running instance of the screen capture tool. The notification appears again if you relaunch the tool and attempt screen capture.

Desktop Viewer optimization

This release optimizes the Desktop Viewer experience by reducing the launch time by 5 seconds. The Desktop Viewer toolbar opens quickly and might display the default Windows session sign-in screen. Administrators can hide this experience by configuring the following registry to introduce some delay in milliseconds:

  • Location: HKEY_CURRENT_USER\SOFTWARE\Citrix\XenDesktop\DesktopViewer
  • Name: ExtendConnectScreenMS
  • Type: DWORD
  • Value: 00000000 (Delay in Milliseconds)

NoteThe registry configuration is optional.

Citrix Enterprise Browser

This release includes Citrix Enterprise Browser version 107.1.1.11, based on Chromium version 107.

Fixed issues in 2212

Citrix Workspace app prompts you to select a certificate even when only one certificate exists. This issue occurs while authenticating to Workspace (cloud) store.

You can suppress this certificate prompt by adding the following registry:

On 32-bit systems:

  • Location: HKEY_LOCAL_MACHINE\Software\Citrix\Dazzle or HKEY_CURRENT_USER\Software\Citrix\Dazzle=
  • Name: SuppressCertSelectionPrompt
  • Type: String
  • Value: True

On 64-bit systems

  • Location: HKEY_LOCAL_MACHINE\Software\Wow6432Node\Citrix\Dazzle or HKEY_CURRENT_USER\Software\Citrix\Dazzle
  • Name: SuppressCertSelectionPrompt
  • Type: String
  • Value: True

[CVADHELP-20844]

  • Attempts to access Citrix Workspace app for Windows might fail when the VPN disconnects or reconnects [CVADHELP-20376]
  • Unable to detect End Point Analysis (EPA) while authenticating to the store configured with EPA. This issue occurs when you update Citrix Workspace app from the previous version to 2210 or later. [CVADHELP-21387]

Known issues in 2212

No new issues have been observed in this release.

Please provide your feedback here.

Support Resources