Citrix Known Issues with Microsoft Security Updates for VDA 7.6.300/7.7.0 on Windows 10

Citrix is committed to ensuring compatibility with Security Updates released by Microsoft every month. Microsoft releases Cumulative Security Updates for Windows 10 RTM (Current Business Branch and LTSB) and Windows 10 Version 1511. The Cumulative Security Updates released January 2016 onwards are incompatible with Citrix VDA’s listed below. The Knowledge Base (KB) numbers for the incompatible Security Updates are:

Windows 10 RTM (Current Business Branch and LTSB)	Security Update	Release Date
	KB3124266	January 2016
	KB3135174	February 2016
	KB3140745	March 2016
	KB3147461	April 2016
Windows 10 Version 1511	KB3124263	January 2016
	KB3124262	January 2016
	KB3135173	February 2016
	KB3140768	March 2016
	KB3147458	April 2016
Windows 10 Version 1511 (Updated Feb 2016)??	Cumulative image inclusive of all updates up to February 2016	March 2016

This article contains information about known issues of above Security Updates with Citrix XenDesktop in conjunction with the following listed Citrix products and known workarounds for respective issues:

• Citrix WorkstationOS Virtual Delivery Agent (VDA) 7.6.300

• Citrix WorkstationOS Virtual Delivery Agent (VDA) 7.7.0

Note

• This is a live article, and is updated as and when the new information becomes available.

• Microsoft has made available a Cumulative Windows 10 v1511 (Updated Feb 2016) which is inclusive of all updates released up to February 2016. This version is incompatible with Citrix VDA 7.6.300. Citrix recommends users to use the RTM version of Windows 10 v1511 and follow Solution 2. To use the Windows 10 v1511 (Updated Feb 2016) image, a work around is documented in later part of this article. As and when a full fix is available, this article will be updated.??

• To confirm your Win10 version, please run “winver.exe” from command line:
  RTM = Version 10.0 (Build 10240),??
  1511 = Version 1511 (Build 10586.104)
  1511 (Updated Feb 2016) = Version 1511 (Build 10586.164)

• On some Windows 10 machines, only the latest KB for Security Updates may be visible in ‘Installed Updates’. On some machines, all of the respective KB numbers mentioned in the above table may appear.

• Installing a Citrix VDA on a Windows 10 machine where any of the above Security Updates are already installed will result in the known issue mentioned below. It is advised to uninstall these prior to installing Citrix VDA.

• A Citrix solution has been provided for Windows 10 RTM (Current Business Branch and LTSB) and Windows 10 Version 1511.

Known Issues

The following are the known issues:

Issue 1

Users are unable to authenticate to or launch a Windows 10 v7.6.300 VDA or v7.7 VDA using ICA, RDP or through Console if any of the above Security Updates are installed. Users may notice some of the below symptoms:

• When user tries to launch a Windows 10 VDA, it tries to process indefinitely and fails to launch.

• When user attempts a login to the system from Console, it fails to login and returns to the login screen. On some machines, an error message “The handle is invalid” may appear.

• When user tries to RDP to the machine, after entering credentials, it fails to connect and returns to the initial RDP screen.

Solution 1

Citrix has released a compatible hotfix for VDA v7.6.300 that must be installed before applying the above referenced Security Updates. Refer to CTX205783 (32bit) / CTX205784 (64bit) for more details. Customers who automatically install the latest Microsoft updates through Windows Update are urged to apply the Citrix hotfix as soon as possible. For users on VDA v7.7, the next version of VDA 7.8 contains the fix.

Customers who are experiencing the known issue mentioned above are suggested to follow the below steps to recover the machine.

Users on VDA v7.6.300

• Start the machine in Safe Mode.
• Open Add/Remove Programs.
• Select View installed updates.
• Uninstall all the incompatible Security Updates referenced above and reboot the machine.
• Follow instructions to install the compatible Citrix hotfix found in CTX205783 (32bit) / CTX205784 (64bit).
• Install applicable Microsoft Security Updates.

Users on VDA v7.7

• Start the machine in Safe Mode.
• Open Add/Remove Programs
• Select View installed updates
• Uninstall all the incompatible Security Updates referenced above and reboot the machine.
• Install VDA v7.8 which contains the fix for above issue. VDA v7.8 could be downloaded from https://www.citrix.com/downloads/xendesktop/product-software.html.

Solution 2 (For New Deployments of VDA v7.6.300 only)

• Prepare a Windows 10 image.
• Install applicable Microsoft Security Updates (including ones listed in above table).
• Install VDA v7.6.300 and choose NOT to reboot.
• Follow instructions to install the compatible Citrix hotfix found in CTX205783 (32bit) / CTX205784 (64bit).

Workaround (Only for New Deployments of VDA v7.6.300 on Windows 10 Version 1511 (Updated Feb 2016)):

• Prepare a Windows 10 Version 1511 (Updated February 2016) image

CAUTION: Installing the VDA and rebooting in the next step may land the machine into an unrecoverable state. It is essential not to reboot after installing VDA.

• Install VDA v7.6.300 and choose NOT to reboot.

• Follow instructions to install the compatible Citrix hotfix found in CTX205783 (32bit) / CTX205784 (64bit)

Citrix is not responsible for and does not endorse or accept any responsibility for the contents or your use of these third party Web sites. Citrix is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Citrix of the linked Web site. It is your responsibility to take precautions to ensure that whatever Web site you use is free of viruses or other harmful items.