About this release
Learn about new features, enhancements, fixed issues, and known issues for Citrix Workspace app for Windows.
Note:
- Looking for features in Technical Preview? We have curated a list so that you can find them in one place. Explore our Features in Technical Preview page and share your feedback using the attached Podio form link.
- The Workspace UI updates with new features regularly. For more information about the new features on Workspace UI, see What’s new for Workspace UI.
What’s new in 2409.1
This release addresses a few issues that help to improve overall performance and stability.
Fixed issues in 2409.1
- You might notice that printers do not map to the session, causing users to fail to print from published applications using locally installed printers. This issue occurs in Citrix Workspace app for Windows version 2409. [HDX-73816]
Known issues in 2409.1
There are no new known issues in this release.
Note:
For a complete list of issues in the earlier releases, see Known issues.
Earlier releases
This section provides information about the new features and fixed issues in the previous releases that we support as per the Lifecycle Milestones for Citrix Workspace app.
2409
What’s new
Note:
Citrix Workspace app for Windows version 2409 is now available only on the Downloads page. Auto-update availability will begin on December 2nd.
The minimum required version of .NET Desktop Runtime is 8 for Citrix Workspace app for Windows 2409.
- Support for Windows 11 24H2
- Feature flag management
- Single sign-on support for Edge WebView when using Microsoft Entra ID
- Enhanced virtual desktop screen resizing experience
- Enhanced desktop launch experience
- Enhancement to sustainability initiative
- Streamlined beacon checks
- .NET requirements
- SOCKS5 proxy support for EDT
- Customization of Desktop Viewer toolbar
- Remember USB connections
- Disabling the “Exiting Full Screen Mode” tip prompt
- Support for WebHID API in UCSDK
- Support for TLS protocol version 1.3
- Disabling TLS 1.0 or 1.1 communication protocols
- Default audio device selection
- Connection Strength Indicator on Desktop Viewer toolbar
- Enable Audio Quality Enhancer to improve audio performance (Technical Preview)
- Virtual Channel Plugin Manager
- Deprecation of HDX RealTime Optimization Pack for Skype for Business
- Deprecation of PNAgent-based stores
- Citrix Enterprise Browser
Support for Windows 11 24H2
Citrix Workspace app for Windows 2409 provides support for the Windows 11 24H2 release. This ensures a smooth transition for users upgrading to the latest Windows version and allows them to continue using Citrix Workspace app without any disruption.
Note:
The Enable MPR notifications for the System policy in the Group Policy Object template must be enabled to support the domain pass-through (single sign-on) authentication feature on Windows 11. By default, this policy is disabled on Windows 11 24H2. So, if upgraded to Windows 11 24H2, you must enable the Enable MPR notifications for the System policy.
Feature flag management
Citrix is changing the way that it manages feature flags, allowing access to preview features and enabling dynamic management of features in production. To ensure optimal functioning of features that are under feature flags, you need to enable traffic to the URL features.netscalergateway.net
.
For more information, see Feature flag management.
Single sign-on support for Edge WebView when using Microsoft Entra ID
Previously, when using Entra ID, authentication failed for Citrix Workspace app. With this release, Citrix Workspace app supports single sign-on (SSO) for Edge WebView when using Entra ID for authentication.
You can enable this feature using the UI or through Group Policy Object (GPO).
For more information, see Single sign-on support for Edge WebView when using Microsoft Entra ID.
Enhanced virtual desktop screen resizing experience
Starting with the 2409 version, Citrix Workspace app for Windows ensures a smooth transition and prevents dark screens and flickers when resizing or stretching your virtual desktop screen. This feature is enabled by default.
For more information, see Enhanced virtual desktop screen resizing experience.
Enhanced desktop launch experience
Starting with version 2409, Citrix Workspace app for Windows ensures an enhanced desktop launch experience. You experience a seamless, flicker-free transition to your desktop without intermediate screens. The app also eliminates dark screens and flickering during resizing or stretching, providing a stable and modern interface. This feature is enabled by default.
For more information, see Enhanced desktop launch experience.
Enhancement to sustainability initiative
With this release, the sustainability initiative from Citrix Workspace app is enhanced to include the following extra keywords:
-
ICA-Title="sample title"
: The sample title is shown as the title. It’s recommended to limit the title character count to 30. -
ICA-Icon=true
: The green-leaf icon is shown. If set to false, the green leaf icon is hidden.
Example:
KEYWORDS: ICA-LogOffOnClose=true ICA-PromptMessage="Do you want to sign out from the session?" ICA-Title="Logout or disconnect" ICA-Icon=true
<!--NeedCopy-->
Note:
With this enhancement, if old keywords are detected, the behavior reverts to the default behavior.
For more information, see the Sustainability initiative from Citrix Workspace app section.
Streamlined beacon checks
With this release, you can now use a single internal beacon to determine the network location, eliminating the need for both external and internal beacons. This feature reduces dependencies, enhances reliability, and improves the end-user experience.
.NET requirements
Citrix Workspace app for Windows now requires .NET Desktop Runtime 8.0 (8.0.4 or later). If the endpoint updates the .NET Desktop Runtime, any .NET Core-based app running at the time of the update might exhibit inconsistent behavior. To mitigate this issue, Citrix Workspace app restarts itself. Users will receive the following notification once the restart is complete:
Any active sessions will continue to work.
For endpoints with .NET 8.0.10 or later, see Knowledge Center article CTX692228.
For more information see, .NET requirements.
SOCKS5 proxy support for EDT
Previously, Citrix Workspace app only supported HTTP proxies operating on TCP. However, SOCKS5 proxy functionality was already fully supported within the Virtual Delivery Agent (VDA). For more information on VDA support, see the Rendezvous V2 documentation.
With this release, Citrix Workspace app now supports SOCKS5 proxies for Enlightened Data Transport (EDT), enhancing compatibility with modern enterprise network configurations.
Key benefits:
- Expanded proxy compatibility: Connect seamlessly through SOCKS5 proxies, widely used by enterprise networking teams for their support of both TCP and UDP traffic.
- Improved EDT performance: Use the full benefits of EDT (UDP-based) for optimized data transfer within Citrix Workspace app sessions.
For more information see, SOCKS5 proxy support for EDT.
Customization of Desktop Viewer toolbar
With this release, you can customize the options on the Desktop Viewer toolbar using the Global App Configuration service, Group Policy Editor, or any third-party endpoint management software capable of pushing Windows registry keys.
For more information see, Customization of Desktop Viewer toolbar,
Remember USB connections
This feature enhances the user experience when remoting USB devices to a Citrix Virtual Apps and Desktops session. While auto-redirection supports using device rules exists, this feature simplifies the process by remembering manually requested connections and reconnecting them with minimal configuration.
For more information see, Remember USB connections.
Disabling the “Exiting Full Screen Mode” tip prompt
Starting with Citrix Workspace app for Windows 2409, you can suppress the “Exiting Full Screen Mode” tip prompt that appears during HDX sessions using the Registry Editor.
For more information see, Disabling the “Exiting Full Screen Mode” tip prompt.
Support for WebHID API in UCSDK
Starting with the 2409 version, Citrix Workspace app for Windows supports the WebHID API to redirect Human Interface Device (HID) devices from an endpoint to Unified Communication SDK (UCSDK) integrated app on the VDI. It complies with the HID standard for bi-directional communication between the app that is integrated with UCSDK and the HID devices connected to the endpoint. With this feature, your UCSDK app interprets the HID headset commands such as Call accept, reject, mute, or unmute and so on in the HDX session for an enhanced user experience. This feature is enabled by default.
For more information see, Support for WebHID API in UCSDK.
Support for TLS protocol version 1.3
Starting with this release, Citrix Workspace app supports the Transport Layer Security protocol (TLS) version 1.3.
Note:
This enhancement requires VDA version 2303 or later.
This feature is disabled by default.
For more information, see Support for TLS protocol version 1.3.
Disabling TLS 1.0 or 1.1 communication protocols
Starting with Citrix Workspace app for Windows 2409, the use of TLS 1.0 or 1.1 communication protocols is no longer enabled nor supported by default. This change enhances security by removing deprecated and potentially insecure protocols.
Benefits:
- Enhanced Security: Disabling outdated protocols reduces the risk of security vulnerabilities.
- Compliance: Aligns with industry standards and recommendations, such as RFC 8996.
Default audio device selection
Starting with the 2409 version of Citrix Workspace app, you can now select your preferred audio devices directly from the Preferences section. This feature allows for the splitting of audio devices across different VDA (VDAs) and monitors, providing a more customized audio experience.
For more information, see Default audio device selection.
Virtual Channel Plugin Manager
The Virtual Channel Plugin Manager can detect when the end-user on the VDA launches a third-party application (for example, New Microsoft Teams), check if its respective VDI plug-in is already installed on the endpoint, and prompt the user to install the plug-in if it is not.
For more information, see the Virtual Channel Plugin Manager documentation.
Connection Strength Indicator on Desktop Viewer toolbar
Starting with version 2409, Citrix Workspace app for Windows now supports the Connection Strength Indicator (CSI) on the Desktop Viewer toolbar. This feature displays a network strength icon that alerts you of network issues. You can click the indicator to view real-time connection statistics for the client and VDA, and copy diagnostic information to share with IT for advanced troubleshooting.
Benefits:
- Immediate feedback: The network strength icon gently nudges users when network issues are detected.
- Enhanced troubleshooting: Real-time stats and diagnostics help users and IT teams quickly identify and resolve connectivity issues.
For more information, see the Connection Strength Indicator on Desktop Viewer toolbar.
Deprecation of HDX RealTime Optimization Pack for Skype for Business
Starting from the 2409 release, support for HDX RealTime Optimization Pack for Skype for Business is deprecated. As an alternative, you can use HDX WebRTC Optimization for supported applications.
Deprecation of PNAgent-based stores
Starting from the 2409 release, PNAgent-based stores are no longer supported. PNAgent support was officially deprecated in the 2403 release, as detailed in the deprecation table here.
Note:
We recommend connecting through StoreFront using a store URL instead.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 130.1.1.12, based on Chromium version 128. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Technical Previews in 2409
- Enable Audio Quality Enhancer to improve audio performance
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues
-
The
ADDLOCAL
command to install the EPA client might fail. [CVADHELP-26132] -
As part of periodic polling or network refresh, when enabling or disabling a published resource in Citrix Studio, the SelfService UI does not refresh as expected. As a result, you might notice inconsistencies between the actual state and the displayed state of the published resources. [CVADHELP-26065]
-
You might fail to customize Citrix Workspace app using the App Personalization service. This issue occurs in Citrix Workspace app version 2405 or later. [RFWIN-36015]
-
You might fail to sign in to Citrix Workspace with Workspace Environment Management (WEM) tool hub when you use Active Directory and token for authentication. [CVADHELP-25836, RFWIN-35974]
-
When Plug and Play (PnP) is enabled, you might fail to switch webcam from the apps that shows only one camera with a generic name “Citrix HDX Web Camera.” [HDX-69731]
-
When a new user starts the virtual desktop for the first time, the session window appears small. Also, the window is placed in the upper left of the screen. The issue is observed on certain display devices with high DPI, such as the Microsoft Surface Pro. [HDX-62297]
-
The keyboard might fail to respond in a Citrix-published application after you unlock or switch out of a screensaver on the endpoint. [CVADHELP-25613]
-
Bidirectional Content Redirection might fail to bring the local web browser window to the foreground when clicking a URL link in a published application. [CVADHELP-24630]
-
You might notice that the audio device was not recognized if unplugged and replugged during a VDA session, requiring client reconnect for the device to be recognized. [CVADHELP-26125]
-
When you use published apps and desktops, you might experience that the session stops responding followed up by the Citrix HDX error. [CVADHELP-26118]
-
After enabling the device posture, you might be prompted for authentication during each periodic refresh until you successfully authenticate. [CVADHELP-26014]
-
After upgrading to Citrix Workspace app for Windows 2402, the default audio and communication devices might not work as expected. [CVADHELP-26044]
-
When moving an application window between monitors with different DPI values, you might experience double scaling or descaling, which can cause the published app to display black screens and graphical artifacts. [CVADHELP-26024]
-
The
wfica32.exe
process might exit unexpectedly and might cause session disconnections. [CVADHELP-26012] -
The
wfica32.exe
process might exit unexpectedly and this issue occurs intermittently. [CVADHELP-24886, CVADHELP-25934, CVADHELP-25769] -
You might notice that the first copy operation fails, requiring you to copy twice during the ICA session when using Citrix Workspace app for Windows version 2405.10. This issue occurs when the ‘Client clipboard write allowed formats’ policy is configured in conjunction with ‘Restrict client clipboard write’. This issue occurs on the Citrix Workspace app for Windows version 2405.10. [CVADHELP-26224]
-
The
wfica32.exe
process might exit unexpectedly. This issue occurs randomly on the Citrix Workspace app for Windows versions 2402.1–2405.1. [CVADHELP-26234] -
You might fail to scan from published apps and desktops when using Citrix Workspace app 2405.10. [CVADHELP-26390]
-
When Generic USB remoting is used on a system where Citrix Workspace app and Trellix Data Loss Prevention (DLP) are installed, the audio and video device might fail both locally and in the published app or desktop. To enable the fix, set the following registry key on the endpoint:
HKLM\SOFTWARE\Citrix\ICA Client\GenericUSB
- Name:
CompareFilterDriverName
- Type:
DWORD
- Value:
1
[CVADHELP-24904]
-
The URL of the DNS request made by the client is truncated and you might fail to open virtual apps and desktops. This issue occurs when the
DnsResolutionEnabled
parameter is set to True in DDC. [CVADHELP-24945] -
You might notice that the published apps and desktops are opening from the untrusted sites even though the Enforce trusted server connections feature is configured. [CVADHELP-25346,CVADHELP-24963]
-
When Citrix Workspace app uses Fast connect 3 credential insertion API for authentication, you might notice that the apps and desktops corresponding to the previous user are loaded. [CVADHELP-24011]
-
You might observe that the
wfica32.exe
process might stop responding when accessing certain apps in a double hop scenario after upgrading the first hop Citrix Workspace app version to 2402. [CVADHELP-26061] -
On Windows 11 machines, when attempting to return to the open Epic windows, they might appear open in the taskbar but do not display the actual Epic environment window. [CVADHELP-26225]
-
Store addition might fail for email-based stores that use HTTP redirection. [CVADHELP-26248]
-
When generating an ICA file using Storebrowse.exe, you might notice that published app names with non-ASCII characters lose some content under [ApplicationServers]. This issue occurs on Citrix Workspace app for Windows versions 2309 and later. [CVADHELP-26655]
-
The installation might fail midway when updating Citrix Workspace app using the
/CleanInstall
command if App Protection is running. With the fix, you will receive the following error message at the beginning of the installation:It is recommended to either uninstall Citrix Workspace app first or upgrade without using the
/CleanInstall
if App Protection is already running.[APPP-3818]
2405.12
What’s new
Version upgrade for Chromium Embedded Framework
The version of the Chromium Embedded Framework (CEF) is upgraded to 128.0.6613.120. This upgraded version includes fixes for known security vulnerabilities.
Fixed issues
This release addresses a few issues that help to improve overall performance and stability.
2405.11
What’s new
Note:
The Enable MPR notifications for the System policy in the Group Policy Object template must be enabled to support the domain pass-through (single sign-on) authentication feature on Windows 11. By default, this policy is disabled on Windows 11 24H2. So, if upgraded to Windows 11 24H2, you must enable the Enable MPR notifications for the System policy.
This release addresses a few issues that help to improve overall performance and stability.
Fixed issues
Session launch might fail when the anti-keylogging feature of App Protection is enabled. This issue occurs only on Windows 11 24H2. [CVADHELP-26231]
2405.10
What’s new
Note:
The minimum Microsoft Visual C++ Redistributable version required for Citrix Workspace app for Windows 2405.10 is 14.40.33810.0.
This release addresses issues that help to improve overall performance, security, and stability.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 126.1.1.23, based on Chromium version 126. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Fixed issues
-
The enhanced domain pass-through for single sign-on feature might not support Windows 11 22H2. For more information, see Enhanced domain pass-through for single sign-on documentation. [HDX-63918]
-
You might fail to sign in to Citrix Workspace with Workspace Environment Management (WEM) tool hub when you use Active Directory and token for authentication. [CVADHELP-25836],[RFWIN-35974]
-
You might fail to add Citrix Gateway URL using Storebrowse and might fail to open sessions when using EPIC WarpDrive. This issue occurs due to case sensitivity of Storebrowse process name given while creating. [RFWIN-35687], [CVADHELP-25736]
-
When Citrix Workspace app uses Fast Connect 3 Credential Insertion API for authentication, you might notice that the CtxCredApi.dll, which is used to inject credentials in SSON server, is present only for x64 systems. As a result, you might not be able to use the CtxCredApi.dll when running on x86 apps. [RFWIN-35818]
-
Browser Data Encryption might not work if the user data isn’t stored on the same drive where the OS is installed. [DATAP-896]
-
Copying files from a virtual session and pasting it to your local system doesn’t work after upgrading Citrix Workspace app to 2405 version. [CVADHELP-26010]
-
You might fail to open apps and desktops and might get a connection timeout error. This issue occurs in Citrix Workspace app for Windows version 2405. [CVADHELP-25900]
-
You might fail to add Citrix Gateway URL using Storebrowse and might fail to open sessions when using EPIC WarpDrive. This issue occurs due to case sensitivity of Storebrowse process name given while creating. [CVADHELP-25736]
-
The App Protection USB Filter Driver exclusion list might not work when configured using GACS. [APPP-3229]
2405
What’s new in 2405
- Compatibility with the higher versions of .NET
- Single sign-on support for ARM64-based devices
- New Add-ons and packaging
- Configure store names for your store URL
- Improved Beacon checker tool
- Option to prevent endpoint from going to sleep when a session is active
- Enhancement to relative mouse
- Share system audio
- Upgraded version of WebRTC for the optimized Microsoft Teams
- Support for MJPEG webcams
- Version upgrade for Chromium Embedded Framework
- Enhanced System Logs for browser content redirection
- Browser Content Redirection and Microsoft Teams Optimization support for ARM64 based devices[Technical Preview]
- App Protection support for double-hop scenario
- App Data Protection[Technical Preview]
Compatibility with the higher versions of .NET
Citrix Workspace app for Windows version 2405 is compatible with the higher versions of .NET that are supported on your system. To ensure this compatibility, Citrix Workspace app follows these installation rules:
- If .NET 6.0.20 or any supported higher version of .NET is installed on the system, Citrix Workspace app does not install any additional .NET versions.
- If.NET isn’t installed on the system or a version less than 6.0.20 is installed on the system, Citrix Workspace app installs .NET version 6.0.25.
- If you install any supported higher version of .NET, Citrix Workspace app is compatible with the highest available .NET version. For example, you can install .NET 8.x and uninstall .NET 6.0.25. In this case, Citrix Workspace app uses the .NET 8.x version.
Single sign-on support for ARM64-based devices
From this 2405 release, Citrix Workspace app for Windows supports the single sign-on feature on the ARM64-based devices. For more information on single sign-on, see the Authentication page.
New Add-ons and packaging
From Citrix Workspace app for Windows 2405 version, you can choose the following from the Add-on(s) page during the upgrade of Citrix Workspace app:
- Start App Protection after installation
- Enable single sign-on
- Install Microsoft Teams VDI Plugin
You can uninstall Microsoft Teams Optimization VDI plug-in independent of Citrix Workspace app.
Note:
If a plug-in is already installed on your system, that plug-in option is selected automatically for upgrade. Also, if you don’t have sufficient privileges to download the plug-in, that option won’t be visible on the Add-on(s) page.
Configure store names for your store URL
With this feature, admins can give the stores a user friendly name to recognize. In addition, admins can enable or disable the ability for end users to modify the store name on their Citrix Workspace app.
For more information, see Configure store names for your store URL.
Improved Beacon checker tool
As part of the Configuration Checker utility, Citrix Workspace app allows you to do a beacon test using the Beacon checker tool.
Earlier the Beacon test supported only the ping.citrix.com
beacon. Starting from Citrix Workspace app for Windows 2405 version onwards, beacon test works for all the beacons configured in the store added in Citrix Workspace app.
For more information, see Configuration Checker and Beacon test.
Option to prevent endpoint from going to sleep when a session is active
When a user with an active session stays away from the virtual desktop without any mouse or keyboard activity, the endpoint device might go into sleep mode after completing the set time for Windows sleep mode. As a result, the Citrix session might be disconnected and when the user returns to the session, the user might be unable to reconnect to the existing session.
With this release, a new policy named Power Management is introduced to prevent the endpoint devices from going to sleep when a session is active.
For more information, see Option to prevent endpoint from going to sleep when a session is active.
Enhancement to relative mouse
With this release you can restrict the usage of the mouse to the window using the preferences UI available from the toolbar. This enhancement helps you to use the apps that need to monitor mouse movement extending to or beyond the boundaries of the virtual desktop’s screen. These apps include third-party apps or those apps that scroll a view in response to mouse movement. For more information, see Enhancement to relative mouse.
Share system audio
You can now share the audio playing on your VDA with participants in a meeting. Select the Include computer sound option to make your meetings more engaging. This feature is enabled by default. For end users, to use the feature, turn on Include computer sound on before sharing their screen.
Limitations:
- Audio cannot be shared using this feature when sharing the screen with RAVE and BCR redirected apps or tabs.
- This feature is supported only on published desktops.
Upgraded version of WebRTC for the optimized Microsoft Teams
The version of WebRTC that is used for the optimized Microsoft Teams is upgraded.
Support for MJPEG webcams
Starting with the 2405 version, MJPEG webcams are supported in the H264 stream. The webcam performs MJPEG compression internally which provides better image quality and a higher frame rate.
This feature is enabled by default. However, if certain Webcam doesn’t support MJPEG, this feature is disabled.
Version upgrade for Chromium Embedded Framework
The version of the Chromium Embedded Framework (CEF) is upgraded to 124. This upgraded version includes fixes for known security vulnerabilities.
Enhanced System Logs for browser content redirection
With the enhancements to the System Logs, browser content redirection now allows admins to monitor the feature status. For more information, see Browser content redirection.
App Protection support for double-hop scenario
Starting with the Citrix Workspace app for Windows 2405 version, App Protection is supported for the double-hop scenario when installed on a workstation VDA (such as Windows 10 or Windows 11) for a single-session VDA.
The following features are currently supported:
For more information, see App Protection with double-hop scenario.
App Data Protection [Technical Preview]
App Data Protection is a feature that provides enhanced security when using the Citrix Enterprise Browser.
When you are using the Citrix Enterprise Browser enabled with the App Data Protection feature, it protects the following by encrypting them:
- Auto-fill data
- Bookmarks
- Browser cache
-
Browser storage folders
Note:
Browser storage folders don’t include user downloads.
- Cookies
- History
- Network cache
- Password vault
- Settings
Note:
You can only access the encrypted data by opening them using the Citrix Enterprise Browser.
App Data Protection doesn’t protect the following:
- Downloaded files
- Extensions
To configure the App Data Protection feature, see App Data Protection.
Disclaimer:
Browser encryption policies provide device level encryption for data generated through Citrix Enterprise Browser. Please note however that we do not guarantee such device level encryption through Citrix Enterprise Browser will protect any end user device. While we continue to identify and address changes to encryption technology to better optimize our product, we also do not guarantee protection of specific configurations and deployments or for users with elevated privileges.
Limitations
- If the App Data Protection feature isn’t enabled in the primary store, the App Data Protection will not be enabled for any store. As a workaround, you can limit users to add only one store to your Citrix Workspace app. This ensures that the App Data Protection remains enabled for the connected store always.
- When App Data Protection is disabled on GACS, the encrypted items (as listed in the preceding section) are deleted.
- Admin user can access other system users’ cache data through Citrix Enterprise Browser.
For more information, see App Data Protection.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 126.1.1.20, based on Chromium version 126. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Modify the user-agent of Citrix Enterprise Browser
Administrators can now modify the Citrix Enterprise Browser’s user-agent for any internal web or SaaS apps. You can configure this through Global App Configuration service. This feature provides the flexibility to create different variations of the user-agent for Citrix Enterprise Browser, which you can use for various uses.
One such use-case is the ability to restrict the internal web or SaaS apps to open only in Citrix Enterprise Browser. In addition to modifying the user-agent, you need to configure the Identity Provider (IdP) to perform a conditional check that verifies whether the end user is trying to open the app using Citrix Enterprise Browser or a native browser. The IdP opens the app only if end user tries to access it using Citrix Enterprise Browser. This restriction prevents users from accessing sensitive information in these apps from other browsers.
For more information, see Use Case 3c - Restrict apps to Citrix Enterprise Browser by modifying its user-agent.
Additional security restrictions for the Citrix Enterprise Browser
Citrix introduces additional access restrictions to enhance the security and user experience of Citrix Enterprise Browser with Secure Private Access and Global App Configuration service (GACS).
Restrictions managed through Secure Private Access
Copy:
Administrators can enable or disable copying of data from a SaaS or internal web app with this access policy when accessed via Citrix Enterprise Browser. The default value is Enabled.
For more information, see the Copy restriction in Secure Private Access product documentation.
Paste:
Administrators can enable or disable pasting of copied data into the SaaS or internal web app with this access policy when accessed via Citrix Enterprise Browser. The default value is Enabled.
For more information, see the Paste restriction in Secure Private Access product documentation.
Personal data masking:
Administrators can use the Personal data masking restriction to mask various types of sensitive information such as credit card numbers, social security numbers, and dates. Additionally, you have the flexibility to define custom rules for detecting specific types of sensitive information and masking it accordingly. The Personal data masking restriction has the option to fully or partially mask the information.
For more information, see Personal data masking.
Upload restriction by file type:
Administrators can restrict file uploads based on MIME (multi-purpose internet mail extensions) types. Unlike the Uploads policy, which allows you to enable or disable all file uploads, the Upload restriction by file type restriction allows you to enable or disable file uploads for specific MIME types.
For more information, see Upload restriction by file type.
Download restriction by file type:
Administrators can restrict file downloads based on MIME (multi-purpose internet mail extensions) types. Unlike the Downloads policy, which allows you to enable or disable all file downloads, the Download restriction by file type restriction allows you to enable or disable file downloads for specific MIME types.
For more information, see Download restriction by file type.
Printer management:
Enterprises can now prevent the printing of confidential documents and unauthorized data sharing. Admins can configure this policy through Secure Private Access. Admins can configure the behavior for network printers, local printers, and print using the Save as PDF option.
The following options are available for administrators to control access to printers for the end users:
-
Network printers: A network printer is a printer that can be connected to a network and used by multiple users.
- Disabled: Printing from any network printers in the network is disabled.
- Enabled: Printing from all network printers is enabled. If printer hostnames are specified, then all other network printers apart from the ones specified are blocked.
Note:
Printers are identified by their hostnames.
-
Local printers: A local printer is a device directly connected to an individual computer. This connection is typically facilitated through Bluetooth, USB, parallel ports, or other direct interfaces.
-
Disabled: Printing from all local printers is disabled.
-
Enabled: Printing from all local printers is enabled.
-
-
Print using Save as PDF
-
Disabled: The Save as PDF option for saving the content in PDF format is disabled.
-
Enabled: The Save as PDF option for saving the content in PDF format is enabled.
-
Note:
- If the admin has disabled certain printing options, then those options appear grayed out to the end users.
- End users can’t use the network printer if it is renamed on their device.
Clipboard restriction for Security groups:
In Secure Private Access, administrators can restrict clipboard access to any designated group of apps. These designated group of apps are created as Security groups in Secure Private Access, so that the end users are permitted to copy and paste contents only within that Security groups. There is also an Advanced option to enable copy and paste contents between Security groups and other local apps on the machines or unpublished web apps.
For more information, see Clipboard restriction for Security groups.
Restrictions managed through Global App Configuration service
Clipboard restriction:
In GACS, administrators can use the Enabled Sandboxed Clipboard option to manage clipboard access. When you restrict clipboard access through GACS, all content copied from any website accessed within the Citrix Enterprise Browser can’t be pasted outside the Enterprise Browser. Similarly, any content copied from native apps can’t be pasted into any website accessed within the Enterprise Browser.
For more information, see Clipboard restriction.
Audio Capture Allowed:
Administrators can use this setting to enable or disable audio capture access. When an administrator enables this setting, or leaves it unset, users are prompted to allow audio capture access. When an administrator disables this setting, these prompts are turned off, and audio capture is blocked.
For more information, see Audio Capture Allowed.
Video Capture Allowed:
Administrators can use this setting to enable or disable video capture access. When an administrator enables this setting, or leaves it unset, users are prompted to allow video capture access. When an administrator disables this setting, these prompts are turned off, and video capture is blocked.
For more information, see Video Capture Allowed.
Technical Preview
- Browser Content Redirection and Microsoft Teams Optimization support for ARM64-based devices
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues
-
When the ICA-prefix keywords are set for a cloud hybrid session and when a user reconnects to the disconnected desktop, the user might fail to see the prompt that appears to sign out from the desktop session. [WSP-24115]
-
You might fail to add a custom portal store using the group policy editor when the storeAdditionAllowType is set to single in the Global App Config service. [RFWIN-35218]
-
When you enable the VPrefer policy, the apps that require User Account Control (UAC) elevation might fail to open. [RFWIN-35169]
-
When the NetScaler Gateway store is configured through the command line or Group Policy Editor, you might not be able to sign in to the store and might get the following error message:
“Unable to connect to the Server check your network connection” [RFWIN-35180]
-
You might be able to click the resources in Citrix Workspace app for Windows multiple times in a short duration before the resource is successfully launched. [RFWIN-35268]
-
When an admin enables the Name enforced by admin property and then updates the store name, the updated name might not appear on the UI when you reopen the Citrix Workspace app. [RFWIN-32918]
-
You might notice that the echo cancellation might not be supported with Citrix Workspace app. [HDX-63363]
-
H265 444 on Intel might result in artifacts being visible in the session. [HDX-60061]
-
You might fail to add a custom portal store using the group policy editor when the storeAdditionAllowType is set to single in the Global App Config service. [RFWIN-35218]
-
When you switch from a desktop session to the endpoint native session of another user and then switch back to the desktop session, you might observe a gray screen. This issue occurs when using the desktop lock feature and when using multiple monitors. [CVADHELP-24582]
-
After you perform the Cylance Antivirus update, you might notice a Blue Screen of Death (BSOD) on users device. This issue occurs when the Citrix Workspace app is installed on user device. [CVADHELP-24776]
-
You might notice that the shortcut keys that are used internally in your organization don’t work in the virtual session when using Citrix Workspace app 2311. These shortcut keys include any combination of Windows key + modifier keys such as (Ctrl/ Alt/ Shift) + L or U. For example: Windows key + Alt + L. [CVADHELP-25150]
-
Citrix HDX session might get in to an unresponsive state when the virtual channel for scanners is initiated. [CVADHELP-24681]
-
App Protection anti-keylogging bypass when using special keys. [CVADHELP-24452]
-
Installation of Crestron app might fail, if you have installed DG Solutions and Citrix Workspace app for Windows with App Protection feature enabled. [CVADHELP-24476]
-
Microsoft Teams might fail to optimize due to time out issue. This issue occurs randomly and from Citrix Workspace app version 2210 or later. [CVADHELP-22867]
-
When you open Citrix Workspace app on an endpoint device, the store configuration might be incomplete and the apps might fail to enumerate intermittently. [CVADHELP-25179]
-
When Citrix Workspace app is running and configured with a store, you might notice a timeout issue with the third-party app due to flushing of DNS cache by Citrix Workspace app. [CVADHELP-24594]
-
When Citrix Workspace app uses Fast connect 3 credential insertion API for authentication, you might notice that the apps and desktops corresponding to the previous user are loaded. [CVADHELP-24011]
-
If you’re using multiple monitors and the Desktop Viewer is maximized across them, the VDA might receive an incorrect mouse position when you start dragging. This issue occurs on the Citrix Workspace app for Windows 2203 LTSR version and on the Citrix Workspace app for Windows version 2402. [CVADHELP-24688]
-
When you uninstall Citrix Workspace app for Windows as an admin and then install the Citrix Workspace app’s 2402 LTSR version in a user mode, you might fail to open a session. [CVADHELP-25341], [HDX-65644]
-
In a double-hop scenario, the ALT +TAB key might not work on macOS clients. [CVADHELP-23085]
-
If a full-screen HDX session is on focus, and the endpoint is locked using Ctrl+Alt+Del, users might be unable to type anything after unlocking. [CVADHELP-24512]
2403.1
What’s new
This release addresses issues that help to improve overall performance, security, and stability.
Fixed issues in 2403.1
- When you are using a virtual desktop session, the keyboard shortcuts with Alt might not work as expected. For example,
Ctrl + Alt + Break
, which is used to access the menu options of desktop viewer toolbar and to toggle between the windowed and the full-screen modes. [RFWIN-31815] - If you have Real-Time Media Engine (RTME) older than 2.9.700 version installed on the end point device, you might fail to open published apps or desktops. This issue occurs on Citrix Workspace app for Windows 2403 and on Citrix Workspace app for Windows 2402 LTSR versions. [HDX-63684]
2403
What’s new
The following features are added in this release:
- Sustainability initiative for cloud hybrid launch
- Enhanced domain pass-through for single sign-on (Enhanced SSO)
- Support for advanced NetScaler policies for Storebrowse on Windows
- Version upgrade for Chromium Embedded Framework
- Install Microsoft teams VDI plug-in for Citrix
- Hide Troubleshooting and Send Feedback options for end users
- Deprecation of PNAgent support
-
App Protection
- Citrix Endpoint Analysis
- Citrix Enterprise Browser
Sustainability initiative for cloud hybrid launch
Note:
This feature was previously available for native launches (cloud and on-premises) from the Citrix Workspace app 2309 version onwards.
From the Citrix Workspace app 2403 version, this feature is available for hybrid launches on cloud. After this feature is enabled, a prompt appears to sign out from the desktop session when a user closes a virtual desktop. This feature helps conserve energy if there are Windows OS policies that are used to shut down VMs when no users are logged in. You can also customize the text that appears on the Save energy screen. For more information, see Sustainability initiative for cloud hybrid launch.
Enhanced domain pass-through for single sign-on (Enhanced SSO)
Previously, Citrix Workspace app for Windows supported only SSON or domain pass-through authentication for single sign-on to Citrix Virtual Apps and Desktops environments using user credentials. This authentication enables the user to authenticate to the domain on their device and use their virtual apps and desktops without having to reauthenticate again.
With this release, Citrix Workspace app supports enhanced domain pass-through which is a new method of SSO. It leverages Kerberos authentication instead of user credentials. Users can now sign in to Citrix Virtual Apps and Desktops and to StoreFront using integrated windows authentication. For more information, see Enhanced domain pass-through for single sign-on (Enhanced SSO).
Support for advanced NetScaler policies for Storebrowse on Windows
Citrix Workspace app for Windows now supports advanced policies on NetScaler Gateway with Storebrowse. The supported authentication protocol is LDAP authentication. Storebrowse is a command-line utility that interacts between the client and the server. It’s used to authenticate all the operations within StoreFront and with Citrix Gateway. For more information, see the Storebrowse page.
Note:
The nFactor authentication protocol isn’t supported with Storebrowse on Windows.
Install Microsoft Teams VDI plug-in for Citrix
You can now install Microsoft Teams VDI plug-in during the installation of Citrix Workspace app using one of the following options.
Note:
For version compatibility with VDI and configuration details, see Microsoft Teams 2.1 supported for VDI/DaaS and New Teams VDI requirements.
Hide Troubleshooting and Send Feedback options for end users
Admins can now hide the troubleshooting and send feedback options for their end users using the GPO editor. Once this setting is enabled, the Troubleshooting and Send Feedback options which were previously visible to the end users on the system tray is hidden. For more information, see Hide Troubleshooting and Send Feedback options for end users.
App Protection
Screen Capture Allow List
If Citrix Workspace app, virtual apps and desktops, or SaaS apps are enabled with the App Protection Anti-screen capture policy, then you can’t capture their screens using any screen-capturing tool.
However, starting from the Citrix Workspace app for Windows 2403 release, the Screen Capture Allow List feature enables you to add an app to the screen capture allow list. This feature enables you to use the allow listed app and capture the screen of the resource enabled with the App Protection Anti-screen capture policy. For more information, see Screen Capture Allow List.
Process exclusion list
When you launch any process or application on your device, App Protection DLLs are injected into each process if the App Protection is enabled. Sometimes, this might cause the process or application not to work due to compatibility issues with the DLL.
Starting from the Citrix Workspace app for Windows 2403 release, you can add any process to the Process exclusion list to avoid the injection of the App Protection DLL into that particular process and recover from any compatibility issues caused by the presence of App Protection DLLs. For more information, see Process exclusion list.
USB Filter Driver Exclusion List
Sometimes, when you’re using specialized external keyboards such as gaming keyboards with the Citrix Workspace app, the App Protection USB Filter Driver might cause compatibility issues and block you from using the keyboard.
Starting from the Citrix Workspace app for Windows 2403 release, the USB Filter Driver Exclusion List feature allows you to exclude any USB device that has compatibility issues with the Citrix Workspace app using the device Vendor ID and Product ID. For more information, see USB Filter Driver Exclusion List.
Version upgrade for Chromium Embedded Framework
The version of the Chromium Embedded Framework (CEF) is upgraded to 120. This version upgrade helps to resolve security vulnerabilities.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 123.1.1.9, based on Chromium version 123. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Security indicator when visiting websites
Citrix Enterprise Browser now displays a security indicator on the address bar when users visit any websites. The indicator aims to inform users about the security aspects of the websites, such as whether it’s an internal site or if there are any potential security restrictions. The indicator provides more information when you click it. The indicator appears on the Enterprise browser by default, and it enhances the user experience.
Citrix Enterprise Browser introduces more settings in the Global App Configuration service
More settings have been added into the Global App Configuration service (GACS) for configuring Citrix Enterprise Browser.
- Enable autofill address - Allows administrators to enable or disable the autofill suggestions for addresses.
- Enable autofill credit card - Allows administrators to enable or disable the autofill suggestions for credit card information.
- Auto launch protocols from origins - Allows administrators to specify a list of protocols that can launch an external app from the listed origins without prompting the user.
- Enable command-line flag security warnings - Allows administrators to display or hide security warnings, which appear when potentially dangerous command-line flags try to launch the Enterprise Browser.
- Manage default cookies setting - Allows administrators to manage cookies for a website.
- Manage default pop-ups setting - Allows administrators to manage pop-ups from a website.
- Extension install sources - Allows administrators to specify valid sources for users to install extensions, apps, and themes.
- Disable lookalike warning pages - Allows administrators to specify the preferred domains where lookalike warning pages don’t display when the user visits pages on that domain.
- Enable payment method query - Allows administrators to enable websites to check whether the users have saved payment methods.
- Manage saving browser history - Allows administrators to manage the saving of Enterprise browser history.
- Manage search suggestion - Allows administrators to enable or disable search suggestions in the Enterprise browser’s address bar.
- Enable export bookmark - Allows administrators to enable an option to export the bookmarks in the Enterprise Browser.
- Force ephemeral profiles - Allows administrators to clear or persist user profile data when users close the Enterprise Browser.
For more information, see the Manage Citrix Enterprise Browser through Global App Configuration service page in the Citrix Enterprise Browser documentation.
For more information on example JSON data, see Example JSON data.
Citrix Endpoint Analysis
With this release, the EPA Client is bundled with the Citrix Workspace app installer. To install the client, Citrix Workspace app must be installed with the command line option InstallEPAClient
.
Example: ./CitrixworkspaceApp.exe InstallEPAClient
Note:
EPA isn’t installed by default.
In this release, the EPA version packaged is 23.11.1.20.
Deprecation of PNAgent support
Starting from the 2403 release, support for XenApp Services URLs (also known as PNAgent) for connecting to stores is deprecated. Use Citrix Workspace app to connect to stores using the store URL. For reference, see:
- Deprecation page in the Citrix Workspace app for Windows documentation.
- Deprecation notices page in StoreFront documentation.
Technical Previews in 2403
- Share sytem audio
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues in 2403
-
You might notice that there’s no automatic focus inside the virtual desktop that is opened in full-screen mode. You must click inside the session to regain focus. [RFWIN-32051]
-
On reconnecting published apps an extra instance of a published app gets opened. [CVADHELP-24485]
-
The Windows Surface touch pad and soft keyboard might not be supported on the Citrix Workspace app sign-in screen. This issue occurs when you sign in to a session that is published from Windows VDA in full-screen mode. [RFWIN-32050]
-
Two instances of a published application, for example app1, are observed after app1 is disconnected and another app is launched from the same VDA. [RFWIN-32517]
-
For the Windows 10 32bits x86 version, the Enable Background blur checkbox is removed as the background blur effect isn’t supported on this version. [HDX-60308]
-
You might notice visual artifacts when attempting to split the screen or adjust the primary monitor within the Monitor Layout tab on the Preferences screen. [HDX-59798]
-
Windows Media Player (WMP) shows a black screen with rave enabled on one monitor when the primary monitor isn’t the leftmost monitor (when multiple GPUs are involved). [HDX-60494]
-
When you share a screen and include the computer sound, if multiple audio output devices are playing sound, one or more receivers might notice sound artifacts. [HDX-48213]
-
BCR might play multiple audio streams at the same time instead of one active stream. [HDX-61600]
-
If you use external monitors and then switch to a single monitor (for example laptop), the size of Citrix Workspace app menu options, UI text, and dialog boxes might appear smaller than the normal display size. [HDX-47575]
-
If you’re using mono audio for stereo audio streams, you might hear only one audio channel in one earpiece instead of receiving both channels on both ears. [HDX-56344]
-
While uninstalling Citrix Workspace app 2403 for Windows - Preview version from the Control Panel > Programs > Programs and Features, the following pop-up appears:
The issue occurs intermittently on Windows 11 machines. Also, this issue doesn’t occur in any other uninstallation methods including uninstall from Start > Apps > Apps & Features. The uninstallation is completed successfully even though you get the preceding error message. [RFWIN-32669]
-
Screensharing from chat in Microsoft Teams is not supported. [HDX-62146]
-
Citrix Workspace app installer stops responding during fresh installation if unicode characters are specified in command line during installation. [RFWIN-32987]
-
When you upgrade to Citrix Workspace app 2403 version, the InstallEmbeddedBrowser=N command is not executed if Citrix Enterprise Browser is already installed. [RFWIN-33169]
-
Citrix Workspace app startup process might run within published app sessions by default. If you want to run the startup process in a published app session, configure the registry key
RunCWAInPublishedAppSession
of typeDWORD
inHKLM/Software/Wow6432Node/Citrix/ICA Client
. [CVADHELP-24070]
2311.1
What’s new
The following features are added in this release:
- Introducing new installer for Citrix Workspace app
- Support for Activity Manager on cloud stores
- Automatic selection of video codec
- Loss tolerant mode for audio
- Synchronize multiple keyboards at session start
- Improved performance of BCR
- Version upgrade for Chromium Embedded Framework
- Important update on App Protection file names
-
Citrix Enterprise Browser
- Improved user experience and session reload time
- Improved watermark design
- Support for custom browser extension
- Simplified SSO for Web and SaaS apps through the Global App Configuration service
- Manage pass-through authentication in Citrix Enterprise Browser
- Enhanced capabilities on monitoring end user activities
Note:
Starting with Citrix Workspace app for Windows version 2311.1, Internet Explorer-based browser content redirection is deprecated. The alternate option is to use Google Chrome-based browser content redirection.
Introducing new installer for Citrix Workspace app
The user interface of the Citrix Workspace app installer is revamped to give a modern, easy outlook, and a better user experience. By default, the new installer is enabled.
Prerequisites:
.Net Desktop Runtime 6.0.20 or later is an additional pre-requisite for the new installer. For other requirements, see System requirements section.
The new installer is enabled by default. For more information, see User interface based installation.
Note:
Starting with Citrix Workspace app for Windows 2311.1 version, the
TrolleyExpress
is replaced withCWAInstaller-<date and timestamp>
. For example, the log is recorded atC:\Program Files (x86)\Citrix\Logs\CTXWorkspaceInstallLogs-20231225-093441
.
Support for Activity Manager on cloud stores
Citrix Workspace app for Windows supports the Activity Manager feature. This feature lets end users view and interact with all their active apps and desktop sessions in one place. To view active sessions in the Activity Manager, click the Activity Manager icon. You can perform the following actions on an app or desktop by clicking the respective ellipsis(…) button from the Activity Manager:
- Log out: Logs out from the current session. All the apps in the session are closed, and any unsaved files are lost.
- Disconnect: The remote session is disconnected but the apps and desktops are active in the background.
- Restart: Shuts down your desktop and start it again.
- Shutdown: Closes your disconnected desktops.
- Force quit: Forcefully power off your desktop if there is a technical issue.
- Click the X button to terminate the active app session from the Activity Manager.
For more information, see Activity manager.
Note:
This feature is available in Citrix Workspace app for Windows only if the new Workspace experience is enabled.
Automatic selection of video codec
With this release, Citrix Workspace app for Windows now automatically detects the best video codec to use. During installation of the Citrix Workspace app for Windows, the decoding capabilities of the endpoint are evaluated. Based on this information, Citrix Workspace app for Windows selects the best codec to use with the VDA when the session starts. The order in which the video codecs are evaluated is as follows:
- AV1
- H.265
- H.264
This feature is available when the Use video codec for compression policy is set to one of the following:
- Use when preferred
- For the entire screen
- For actively changing regions
For more information on the Use video codec for compression policy, see Use video codec for compression.
The automatic selection only applies to YUV 4:2:0 variants of these codecs. YUV 4:2:0 uses less bandwidth compromising quality. If the Visual Quality policy setting is set to Build-to-Lossless or Always Lossless and if the Allow Visually Lossless policy is set to enabled, the automatic selection of the video codec is disabled and instead YUV 4:4:4 H.264 or H.265 is used.
For more information on these policies, see the following:
This feature is enabled by default.
For more information, see Automatic selection of video codec.
H.265
Citrix Workspace app supports the use of the H.265 video codec for hardware acceleration of remote graphics and videos. H.265 video codec must be supported and enabled on both the VDA and Citrix Workspace app.
Starting with Citrix Workspace app 2311.1, this feature is enabled automatically with the introduction of the Automatic selection of video codec feature.
For more information, see the H.265 documentation.
AV1
Citrix Workspace app supports the use of the AV1 video codec for hardware acceleration of remote graphics and videos. AV1 video codec must be supported and enabled on both the VDA and Citrix Workspace app.
Starting with Citrix Workspace app 2311.1, this feature is enabled automatically with the introduction of the Automatic selection of video codec feature.
For more information, see the AV1 documentation.
Loss tolerant mode for audio
With this release, Citrix Workspace app supports Loss tolerant mode (EDT lossy) for audio redirection. This feature improves the user experience for real-time streaming when users are connecting through networks with high latency and packet loss.
You need to use VDA version 2311 or later. By default, this feature is enabled on Citrix Workspace app for Windows. However, it is disabled on VDA.
For more information, see the Loss tolerant mode for audio documentation.
Synchronize multiple keyboards at session start
Previously, only the active keyboard on the client was synchronized with VDA after the session started in full-screen mode. In this scenario, if you configured Sync only once - when session launches on your Citrix Workspace app, and you had to change to a different keyboard, you have to manually install the keyboard on your remote desktop. Similarly, if you configured Allow dynamic sync on your Citrix Workspace app, you have to move to windowed mode, change the keyboard on your client, and then move back to full-screen mode.
With this release, all available keyboards on the client are synchronized with VDA after the session starts in full-screen mode. You can select the required keyboard from the list of installed or available keyboards on the client after the session starts in full-screen mode. The feature Synchronize multiple keyboards at session start is enabled by default on VDA, and disabled by default on the Citrix Workspace app.
For more information, see the Synchronize multiple keyboards at session start documentation.
Improved performance of BCR
Previously, BCR used client-side disk space cache and the cached information wasn’t deleted during an upgrade. This setting resulted in higher disk space usage over time and inconsistent behavior while a page is redirected using BCR.
With this release, to resolve this issue, BCR uses an in-memory cache. This enhancement helps to improve the performance of BCR.
This feature is disabled by default.
For more information, see Improved performance of BCR.
Version upgrade for Chromium Embedded Framework
The version of the Chromium Embedded Framework (CEF) is upgraded to 117. This version upgrade helps to resolve security vulnerabilities.
Important update on App Protection file and driver names
Starting with Citrix Workspace app for Windows 2311.1, the following file and driver names are updated as follows:
Existing name | New name |
---|---|
EntryProtect.dll |
ctxapdotnet.dll |
entryprotect.sys |
ctxapdriver.sys |
epclient32.dll |
ctxapclient32.dll |
epclient64.dll |
ctxapclient64.dll |
epinject.sys |
ctxapinject.sys |
epusbfilter.sys |
ctxapusbfilter.sys |
entryprotectdrv |
ctxapdriver |
epinject6 |
ctxapinject |
These files are installed at %ProgramFiles(x86)%\Citrix\ICA Client
by default.
If you’ve added any of the preceding file or driver names to the allow list in your environment, update the allow list.
Enhancement to background blurring and effects for Microsoft Teams optimization with HDX
Starting with Citrix Workspace app version 2311.1, you can select the following options for background blurring and effects:
- No background effect
- Select Background Blurring
- Select Background Image
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 119.1.1.60, based on Chromium version 119. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Improved user experience
Previously, Citrix Enterprise Browser displayed a reconnection modal when you attempted to perform an action after your session expired. Starting with Citrix Workspace app for Windows version 2311.1 (which corresponds to the Chromium version 119.1.1.60), there is no longer a reconnection modal. Instead, a loading icon now appears on the browser tab when you attempt to perform any action after your session expires.
Improved watermark design
Citrix Enterprise Browser now has a new watermark design that is less intrusive and provides a better user experience.
Support for custom browser extension
Citrix Enterprise Browser has expanded its extension capabilities. Previously, only extensions from the Chrome Web Store were permitted. Citrix Enterprise Browser now allows you to add custom extensions securely. Administrators can configure custom extensions as part of the mandatory list. End users can access and use these extensions either via citrixbrowser://extensions
or by clicking the Extensions option under the More button as needed. For more information on how to configure the custom extensions, see Mandatory custom extension.
Simplified SSO for Web and SaaS apps through the Global App Configuration service
Previously, single sign-on (SSO) was configured for Citrix Enterprise Browser using the PowerShell module. Now, this simplified SSO feature allows you to configure SSO in Citrix Enterprise Browser by using a newly introduced setting in the Global App Configuration service (GACS). Administrators can use this new setting to enable SSO for all web and SaaS apps in Citrix Enterprise Browser. This method eliminates the need for the complex PowerShell module. For more information on how to manage SSO through GACS, see Manage single sign‑on for Web and SaaS apps through the Global App Configuration service.
Note:
We recommend you to restart Citrix Workspace app when you modify the Citrix Enterprise Browser settings in GACS. However, you can also wait for the automatic refresh to complete. For more information on the sync duration of policies fetched from GACS, refer Frequency of settings update.
Extending simplified single sign-on functionality to StoreFront
The single sign-on (SSO) feature is now available for StoreFront, which assures a unified SSO experience. This new capability eliminates the need for users to authenticate separately when accessing apps through StoreFront. To facilitate this SSO feature, use the same Identity Provider (IdP) for both Web and SaaS apps, and for StoreFront. For more information on how to manage SSO through GACS, see Manage single sign‑on for Web and SaaS apps through the Global App Configuration service.
Manage pass-through authentication in Citrix Enterprise Browser
Pass-through authentication (PTA) is a feature of Azure AD Connect. PTA is an authentication method where the user credentials are passed from the client machine to the server. You never see it as it happens on the back end. In this method, the client machine directly communicates with the authentication server to validate the user’s credentials. PTA is typically used when your client machine and the authentication server trust each other, and your client machine is considered to be secure. For more information on Microsoft Azure AD pass-through authentication, see Microsoft Entra seamless single sign-on.
To facilitate pass-through authentication, you need the Windows Accounts extension to interact with applications that require Azure AD based access within the Enterprise Browser. Administrator need to configure this Windows Accounts extension as part of the mandatory list under ExtensionInstallForcelist. For more information on the configuration of mandatory extensions, see Mandatory extension.
Enhanced capabilities on monitoring end user activities
Previously, administrators were unable to monitor end user activities such as App accessed and Traffic type. Starting with Citrix Workspace app for Windows 2311.1 (corresponding to Chromium version 119.1.1.60), you can now monitor these details as well.
- App accessed: Enterprise Browser provides information about all the apps accessed by the end user, provided the app is listed in the policy document.
- Traffic type: Enterprise Browser provides information about whether data is sent directly or through Secure Private Access authentication.
To monitor the end user activities from the Enterprise Browser, use the Citrix Analytics service using your Citrix Cloud account. After signing in to Citrix Cloud, navigate to Analytics > Security > Search. There, you can refer to Apps and Desktops under the Self-Service Search section. For more information on Citrix Analytics, see Getting started.
Technical Previews in 2311.1
- Support for TLS protocol version 1.3
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues in 2311.1
-
For a fresh install, the option to enable SSON is not available on the Installer UI. For more information, see User interface based installation. [RFWIN-32482]
-
Launch of a second seamless app fails if SSL is enabled and session reliability is turned off. If a seamless app is launched, the subsequent launch of another seamless app to the same sever should be launched in the existing session (session sharing), while the client tends to launch the app in new session causing an unexpected validate request to be sent to the broker. [CVADHELP-24549]
Session/Connection
- If connection lease was enabled for a cloud store, Citrix Workspace app for Windows started sessions successfully even after the session limit is exceeded. [CVADHELP-23771]
- You might fail to add a store when the top-level-domain (TLD) of the store URL is less than two characters or when there is no TLD. [CVADHELP-23973]
-
When you use smartcard authentication, adding a store might fail with the following error message:
“This store doesn’t exist. Please retry or contact support.”
This issue occurs with Citrix Workspace app for Windows 2309 and later versions. [CVADHELP-24127]
-
You might fail to add a cloud store that uses Azure AD authentication and you might get the following error message:
“Unable to connect to the server”
This issue occurs with Citrix Workspace app versions 2309 and 2309.1. [CVADHELP-24187]
- Citrix Workspace app with SAML2 and FAS authentication might fail to sign in automatically on session unlock even when the WSCReconnectMode for Workspace control is set to reconnect on Windows sign‑on and when the Silent authentication to Citrix Workspace policy is enabled. [CVADHELP-23018]
- Bloomberg Keyboard 5 Biometric Module might fail to connect automatically even when automatic redirection of client USB devices is on. [CVADHELP-22673]
- Citrix Workspace might fail to enumerate the published resources for a brief amount of time when connecting to a Global server load balancing (GSLB) URL. This issue occurs when the established StoreFront server encounters any issues that cause a GSLB controlled Virtual IP (VIP) address change in the endpoint. [CVADHELP-22467]
User experience
- Attempts to refresh might fail on custom domain stores. [CVADHELP-23733]
- When you change the store configuration using the Group Policy Object Template or using the command-line, you might notice a white screen. [CVADHELP-23801]
- When multiple accounts are configured through GPO and you activate any disabled account, Citrix Workspace app always switches to all accounts view instead of the selected single account. [CVADHELP-24018]
- The arrow keys, function keys, and number keys on Numpad don’t work on the Corsair K70 Keyboard when Citrix Workspace app for Windows version 2309 is installed by selecting the Start App Protection after installation checkbox. [CVADHELP-23450]
-
In high latency environments, a jittery movement might be observed in the mouse cursor on Citrix Workspace app when the Use relative mouse setting is enabled.
To enable the fix, modify the default.ica file in StoreFront at C:\inetpub\wwwroot\Citrix\Store\App_Data\default.ica.
Add
RelMouseSyncTimeout=xxx(min 10 to max 1000)
to the[WFClient]
section.Or
Set the following registry key on the endpoint:
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\ICA Client\Engine\Configuration\Advanced\Modules\WFClient
Name: RelMouseSyncTimeout
Type: STRING
Value: The minimum value is 10 and the maximum value is 1000
[CVADHELP-21829]
- You might notice that the app opens even after closing Citrix Workspace app when you highlight an app using the tab, then close Citrix Workspace app, and then press Enter. [CVADHELP-22700]
- In certain scenarios, when Citrix Workspace app fails to start apps or desktops, you might get two error messages, where one message appears in a dialog box and the other is a toast notification. [RFWIN-31561]
- When you sign in as an administrator after the desktop lock feature is enabled, you might be signed off from Citrix Workspace app if you click OK in the following pop-up message: “Administrator sign-in is detected. An elevated action is required to restore the shell for normal access.” [RFWIN-31949]
- After visiting a browser content redirected site, if you sign out from the user session, an error message might appear. [HDX-54552]
- Webcams in double-hop sessions don’t work as expected. This issue occurs when you use Citrix Workspace app for Windows to open virtual desktops or apps from within a virtual desktop session. [HDX-47317]
- You might notice visual artifacts on playing a video in a published application. The issue occurs when the system where Citrix Workspace app is installed has a GPU that doesn’t support hardware decoding. [HDX-57621]
- After installing Citrix Workspace app for the 2311.1 release, you might fail to open the product documentation link on the Installation successful screen using Citrix Enterprise Browser. This issue occurs because Citrix Enterprise Browser supports after you signed on to Citrix Workspace app. [CTXBR-6386]
User interface
- The WebView status bar might appear at the bottom of Citrix Workspace app when you hover the mouse over any published app or desktop icon. [CVADHELP-22108]
- The name of the audio devices is truncated to 32 characters while passing from Citrix Workspace app to VDA. As a result, the device might not be recognized in the client session by some apps. [HDX-53084]
2309.1
What’s new
This release addresses issues that help to improve overall performance and stability.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 117.1.1.13, based on Chromium version 117. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Fixed issues
- You might fail to start sessions if the ICA file or the folder where the ICA file is downloaded is named with Unicode or non-English characters. This issue occurs only when you access and authenticate a store using a browser and then start any app or desktop using native Citrix Workspace app. [HDX-55649]
-
You might get errors with the following parameters, while installing the Citrix Workspace app for Windows version 2009 using the command line:
-
STORE0
parameter - An error message appears when a space character is included in the store name mentioning to use the correct format for the store. -
STARTMENUDIR
andDESKTOPDIR
- Ignores the name after space and creates the directory with the name before the space.
[RFWIN-31704]
-
- If .NET Runtime 6.0.20 or later version is installed on the system and .NET Desktop Runtime 6.0.20 or later version isn’t installed, you get an error message during Citrix Workspace app installation. [RFWIN-31817]
- The anti-screen capture feature doesn’t function as intended on Citrix Enterprise Browser version 117.1.1.9, when running on Windows 11. [CTXBR-6181]
- You might notice visual artifacts on playing a video in a published application. The issue occurs when the system where Citrix Workspace app is installed has a GPU that doesn’t support hardware decoding. [HDX-57621]
2309
What’s new
Note:
From this release onwards, ensure that the Microsoft Edge WebView2 Runtime version is 117 or later. We recommend you to install the latest version to get newer functionalities and security-related fixes.
The following features are added in this release:
- Additional .NET prerequisites
- Improved virtual apps and desktops launch experience
- Addition of the Troubleshooting option in the system tray of Citrix Workspace app
- Sustainability initiative from Citrix Workspace app
- Configure keyboard layout synchronization using command-line interface
- Command to cleanup and install Citrix Workspace app
- Enhanced domain pass-through for single sign-on
- Introducing new installer for Citrix Workspace app [Technical Preview]
- Support for EDT Lossy protocol [Technical Preview]
- Optimized Microsoft Teams updates
- App Protection
- Citrix Enterprise Browser
Additional .NET prerequisites
In addition to .NET Framework 4.8, Citrix Workspace app requires the x86 version of.NET Desktop Runtime 6.0 for both x86 and x64 systems with admin privileges. For more information, see .NET requirements.
Improved virtual apps and desktops launch experience
Note:
From Citrix Workspace app version 2305.1 and later, this feature is generally available for cloud stores and from 2309 for on-premises stores.
Previously, the launch progress dialog box wasn’t intuitive to the users. It made the users assume that the launch process isn’t responding and they closed the dialog box, as the notification messages were static.
The improved app and desktop launch experience is more informative, modern, and provides a user-friendly experience on Citrix Workspace app for Windows. This feature helps to keep the users engaged with timely and relevant information about the launch status.
For more information, see Improved virtual apps and desktops launch experience.
Addition of the Troubleshooting option in the system tray of Citrix Workspace app
The Troubleshooting option is introduced to improve the user experience and to easily proceed with the troubleshooting. You can right-click on the Citrix Workspace app icon in the system tray that is placed in the bottom-right corner of your screen and then select Troubleshooting to access it.
The options available under Troubleshooting are:
- Send Feedback
- Collect Logs
- Check Configuration
- Reset App Data
- Help
Send feedback on Citrix Workspace app
The Send feedback option allows you to inform Citrix about any issues that you might run into while using Citrix Workspace app. You can also send suggestions to help us improve your Citrix Workspace app experience.
For more information, see Addition of the Troubleshooting option in the system tray of Citrix Workspace app.
Sustainability initiative from Citrix Workspace app
When this feature is enabled, a prompt appears to sign out from the desktop session when a user closes a virtual desktop. This feature might help conserve energy if there are Windows OS policies that are used to shut down VMs when no users are logged in.
For more information, see Sustainability initiative from Citrix Workspace app.
Commands to configure keyboard layout synchronization using command-line interface
Previously, you could configure keyboard layout synchronization using the GUI or by updating the configuration file only. With this release, the new commands are introduced to configure keyboard layout synchronization using the command-line-interface.
For more information, see Configure keyboard layout synchronization using command-line interface.
Command to cleanup and install Citrix Workspace app
Use the /CleanInstall
command to cleanup any leftover traces such as files and registry values from a previous uninstall and then freshly install the new version of the Citrix Workspace app.
For example:
CitrixWorkspaceApp.exe /CleanInstall
<!--NeedCopy-->
Optimized Microsoft Teams updates
Upcoming Microsoft Teams Single-Window EOL
On January 31, 2024, Microsoft will retire the Microsoft Teams support for Single-window UI when using VDI Microsoft Teams optimization and support only the Multi-Window experience. You must use a version of Citrix Virtual Apps and Desktops and Citrix Workspace app that support the Multi-Window feature to continue using certain optimized Microsoft Teams functionalities. For more information, see Upcoming Microsoft Teams Single-Window EOL.
Deprecation announcement of the SDP format (Plan B) from WebRTC
Citrix is planning to deprecate the current SDP format (Plan B) support from WebRTC in future releases. You must use a version of Citrix Workspace app that supports the Unified Plan to continue using certain optimized Microsoft Teams functionalities. For more information, see Deprecation announcement of the SDP format (Plan B) from WebRTC.
App Protection
Important update on file names
In a future release for Citrix Workspace app for Windows, the following file names will be updated as follows:
Existing file name | New file name |
---|---|
EntryProtect.dll |
ctxapdotnet.dll |
entryprotect.sys |
ctxapdriver.sys |
epclient32.dll |
ctxapclient32.dll |
epclient64.dll |
ctxapclient64.dll |
epinject.sys |
ctxapinject.sys |
epusbfilter.sys |
ctxapusbfilter.sys |
entryprotectdrv |
ctxapdriver |
epinject6 |
ctxapinject |
These files are installed at %ProgramFiles(x86)%\Citrix\ICA Client
by default.
If you’ve added any of the preceding file names to the allow list in your environment, update the allow list.
Policy tampering detection
Policy tampering detection feature prevents the user from accessing the Virtual App or Desktop session if the App Protection anti-screen capture and anti-keylogging policies are tampered. If policy tampering is detected, the virtual app or desktop session will be terminated displaying the following error message:
Note:
This feature will be available only after the release of the upcoming version of Citrix Virtual Apps and Desktops.
For more information about the policy tampering detection feature, see Policy tampering detection.
Full desktop sharing capability from the VDA with Citrix Workspace app
Previously when App Protection is enabled, desktop sharing is disabled for Optimized Microsoft Teams as App Protection doesn’t allow you to capture the screen.
From Citrix Workspace app for Windows 2309 version and later, desktop sharing is enabled for Optimized Microsoft Teams even if App Protection is enabled.
For more information, see Compatibility with HDX optimization for Microsoft Teams.
App Protection with DoubleHop scenario
App Protection features aren’t supported in a double hop scenario. Double hop means a Citrix Virtual Apps or Virtual Desktops session running within a Citrix Virtual Desktops session. You were allowed to launch virtual apps and desktops enabled with App Protection policies in a double hop scenario. However, the App Protection features weren’t applied.
Now, a Windows Group Policy is introduced which allows you to block opening virtual apps and desktops enabled with App Protection policies in a double hop scenario. For more information about enabling the Block DoubleHop Launch setting, see Enable Block DoubleHop Launch setting.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 117.1.1.9, based on Chromium version 117. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Authentication through Citrix Enterprise Browser
Previously, if the authentication token for Citrix Workspace app expired, you weren’t able to use the Enterprise Browser. You had to switch to Citrix Workspace app and reauthenticate to continue using the Enterprise Browser.
Starting with the Citrix Workspace app for Windows 2309 version (which corresponds to the Chromium version 117.1.1.9), you can authenticate within the Enterprise Browser itself only when the store remains the same. It ensures authentication to Citrix Workspace app as well. In addition, this feature provides a seamless login experience.
Note:
- This feature applies to Workspace stores.
Technical Preview
- Introducing new installer for Citrix Workspace app
- Support for EDT Lossy protocol
- Enhanced domain pass-through for single sign-on
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues
Session/Connection
-
The SelfService executable might run even though no account is added in the Citrix Workspace app. [CVADHELP-23124]
-
Attempts to start a published application through Citrix Workspace app on an endpoint with more than eight monitors might fail with the following error message:
This version of Workspace doesn’t support the selected encryption. Please contact your administrator.
[CVADHELP-20555]
- When connecting through Citrix Gateway, if there’s high latency, sessions might fail to connect using EDT and fallback to TCP. If HDX Adaptive Transport policy is set to Diagnostic mode, the sessions might fail to start. [HDX-49878]
-
When using Host to Client URL Redirection a specific URL might fail to open on the client as expected and might open on the VDA. This issue occurs because the Host to Client Content Redirection feature includes a ping check to ensure that the client can actually reach the URL being redirected. If the ping checks fail, it rejects the URL redirection request and the URL opens on the VDA. With the fix, you can prevent ping check in host to client redirection. To prevent ping check-in host to client redirection, set the following registry key.
HKEY_LOCAL_MACHINE/SOFTWARE/Wow6432Node/Citrix/ICA Client/SFTA Name: OverridePingCheck Type: REG_DWORD Value: 1
[CVADHELP-22824]
- The session might disconnect if you click the Desktop Viewer and resize a published desktop continuously. [CVADHELP-22063]
- After Citrix Workspace app installation completes, when you configure a store using GPO or command line, you might get a fatal error prompt. [CVADHELP-23345]
- Attempts to reconnect to certain non-English language desktop versions using Auto Client Reconnect might fail with an error message. [CVADHELP-22507]
- When the self-service mode is set to False and the desktop lock feature is enabled, you might fail to add a store and might fail to start a desktop. [CVADHELP-23052]
- When the Global App Config server isn’t reachable, the account addition might be timed out and you might fail to add an account. [CVADHELP-22999]
- You might fail to start apps or desktops session using the API from ICO SDK after upgrading to Citrix Workspace app version 2112 or later. [CVADHELP-22940]
- You might fail to start apps or desktops from Citrix Workspace when the cloud store is integrated with StoreFront. [CVADHELP-23606]
User experience
- Attempts to copy and paste .msg files from local Microsoft Outlook to a published explorer might fail. [CVADHELP-22542]
- When you sign out from Citrix Workspace app, you might not be signed out from the store. This issue occurs if you have set the
disableiconhide
registry value to ‘true’. [CVADHELP-22916] - When you try to open Citrix Workspace app, SelfService UI might be closed unexpectedly and you might fail to open Citrix Workspace app. This issue occurs only when some files are missing in the install location. [CVADHELP-22683]
- When you open a desktop, the Desktop Viewer name might appear garbled. [CVADHELP-22925]
- When you connect to a desktop using Cache Redirection mode, if ADC High Availability fails, you might not be able to reconnect to a desktop using Cache Redirection mode. [CVADHELP-22881]
- After you upgrade from Citrix Workspace app version 2305–2307, you might fail to create desktop shortcuts. [CVADHELP-23429], [CVADHELP-15550]
- When accessing a webserver using Integrated Windows authentication, the website content might not render on the client and might fall back to the server side. This issue occurs when the BCR proxy configuration is set to DIRECT mode. [HDX-51739]
- When you sign out from the Citrix Workspace app and sign in again, Citrix Workspace app starts without entering the sign-in credentials. This issue occurs only when you sign in to Citrix Workspace app using custom domain. [RFWIN-31415]
System exceptions
- The wfica32.exe process might exit unexpectedly during a user session. [CVADHELP-22249], [CVADHELP-22234]
- Citrix Workspace app for Windows 2212 version might fail to follow the conditions set in the proxy PAC file. [CVADHELP-22503]
App Protection
- When you are using Corsair K70 Keyboard with Citrix Workspace app versions 2212 or later, then incorrect keystrokes might be sent to Anti-Keylogging enabled windows. [CVADHELP-23157]
2307.1
What’s new
This release addresses issues that help to improve overall performance and stability.
Fixed issues
- In Microsoft Teams, while you share a screen or app and resize it, the aspect ratios displayed might not be correct on the recipient’s (other meeting participants) side. This issue also occurs when you share screen or apps that are ordered using the Snap Windows feature option. [HDX-54395]
2307
What’s new
Added support for playing short tones in optimized Microsoft Teams
Earlier, with the secondary ringtone feature enabled, short tones such as beeps or notifications were playing repeatedly. For example, the tone that was played when a guest joins the Microsoft Teams meeting was repeated. The only workaround was to quit and restart Microsoft Teams. This issue resulted in a poor end-user experience.
With this release, Citrix Workspace app supports playing the short tones as desired. This support also enables the secondary ringtone feature.
Prerequisites:
Update to the latest version of Microsoft Teams.
Note:
The preceding feature is available only after the roll-out of a corresponding update from Microsoft Teams. Check the documentation update and the announcement in CTX253754.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 112.1.1.24, based on Chromium version 112. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Citrix Enterprise Browser shortcut
Starting with the Citrix Workspace app for Windows 2307 version, an administrator can configure and control the presence of the Citrix Enterprise Browser shortcut on the Start menu.
Note:
By default, this setting is enabled for Workspace stores.
Configuration
An IT administrator can configure the presence of the Citrix Enterprise Browser shortcut in one of the following ways:
- Group Policy Object (GPO)
- Global App Configuration Service (GACS)
- web.config.file.
Notes:
- All the configuration methods have equal priority. Enabling any one of them enables the shortcut.
- If you haven’t configured the shortcut but have one or more Workspace stores, the shortcut gets automatically enabled.
- For end users, the Citrix Enterprise Browser shortcut appears if the user makes it as a favorite app irrespective of the configuration.
To disable this feature for Workspace stores, administrators must apply the following settings in any one of the following:
- set the CEBShortcutEnabled attribute to false in the
web.config
file.- disable the Enable Citrix Enterprise Browser shortcut property in GPO and GACS.
Using Group Policy Object
Administrators can use the Enable Citrix Enterprise Browser shortcut property to control the display of the Citrix Enterprise Browser shortcut on the Start menu.
Note:
Configuration through GPO is applicable on Workspace and StoreFront.
To enable the Citrix Enterprise Browser shortcut, do the following:
- Open the Citrix Workspace app Group Policy Object administrative template by running
gpedit.msc
. - Under the Computer Configuration node, go to Administrative Templates > Citrix Components > Citrix Workspace > Citrix Enterprise Browser.
- Select the Enable Citrix Enterprise Browser shortcut option.
For more information on how to use the GPO, see the Group Policy Object administrative template page.
Global App Configuration service (GACS)
Navigate to Workspace Configuration > App Configuration > Citrix Enterprise Browser and enable Enable Citrix Enterprise Browser shortcut.
For more information on how to use the GACS UI, see the User interface article in the Citrix Enterprise Browser documentation.
Note:
This way of configuration is applicable on Workspace and StoreFront.
web.config file:
Enable the attribute CEBShortcutEnabled under the properties.
<properties>
<property name="CEBShortcutEnabled" value="True" />
</properties>
<!--NeedCopy-->
Note:
Configuration through
web.config
is applicable on StoreFront.
Using web.config:
To enable the Citrix Enterprise Browser shortcut, do the following:
- Use a text editor to open the web.config file, which is typically at
C:\inetpub\wwwroot\Citrix\Roaming directory
. -
Locate the user account element in the file (Store is the account name of your deployment) For example:
<account id=... name="Store">
-
Before the
</account>
tag, navigate to the properties of that user account and add the following:<properties> <property name="CEBShortcutEnabled" value="True" /> </properties> <!--NeedCopy-->
Following is an example of the web.config
file:
<account>
<clear />
<account id="d1197d2c-ac82-4f13-9346-2ee14d4b0202" name="F84Store"
description="" published="true" updaterType="Citrix" remoteAccessType="None">
<annotatedServices>
<clear />
<annotatedServiceRecord serviceRef="1__Citrix_F84Store">
<metadata>
<plugins>
<clear />
</plugins>
<trustSettings>
<clear />
</trustSettings>
<properties>
<property name="CEBShortcutEnabled" value="True" />
</properties>
</metadata>
</annotatedServiceRecord>
</annotatedServices>
<metadata>
<plugins>
<clear />
</plugins>
<trustSettings>
<clear />
</trustSettings>
<properties>
<clear />
</properties>
</metadata>
</account>
<!--NeedCopy-->
Fixed issues
- On Citrix Workspace app for Windows version 2212 and later, the first launch of the anti-screen capture enabled virtual desktop in a custom web store is not protected in the following case: If you haven’t selected the Start App Protection after installation checkbox, and launch the virtual desktop. The desktop is protected from the subsequent launches. [CVADHELP-23189]
- Citrix Workspace app sessions might get disconnected due to a possible failure in wfica32.exe. This issue occurs rarely and you might get an error message with event ID 1000. [CVADHELP-23341]
- When you access Linux VDA from the Citrix Workspace app for Windows version 2303 or later, the Wfica32.exe might fail. This issue occurs when the session is left opened for a long time. [CVADHELP-23037]
- If you use the Citrix Workspace app version 2305.1 or earlier to personalize the app as per your organization, the brand personalization might not be reflected. This issue occurs due to a certificate update in Citrix Workspace app done recently. [RFWIN-30798]
2305.1
What’s new
Improved virtual apps and desktops launch experience
Note:
This feature is generally available for cloud stores and it is in technical preview for on-premises stores.
Previously, the launch progress dialog box wasn’t intuitive to the users. It made the users assume that the launch process isn’t responding and they closed the dialog box, as the notification messages were static.
The improved app and desktop launch experience is more informative, modern, and provides a user-friendly experience on Citrix Workspace app for Windows. This feature helps to keep the users engaged with timely and relevant information about the launch status. The notification appears in the bottom-right corner of your screen.
Users can view meaningful notifications about the launch progress, instead of just a spinner. If a launch is in progress and the user attempts to close the browser, a warning message is shown.
Starting with Citrix Workspace app for Windows 2305.1, this feature is enabled by default in cloud sessions.
You can enable this feature using the registry key for the StoreFront (on-premises) session. For more information, see Improved virtual apps and desktops launch experience.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
You can provide feedback on this feature via the Podio.
Tracking Storebrowse command status
You can track the execution status of a Storebrowse command in a file. To track the success status, provide a unique file name with the -f launch
command. This command generates a file with the name that you have provided. The failure status is present in the ica.error
file, which is created automatically.
Note:
Ensure that you add an
.ica
extension to the file name with-f launch
command. Otherwise, the file isn’t generated.
The files to track both success and failure are present at %LOCALAPPDATA%\citrix\selfservice\cache
and you can monitor these files as needed.
This enhancement is enabled by default.
Following is an example to use the launch command with -f
option:
-launch -f <uniqueFileName.ica> "launchcommandline"
For example:
SelfService.exe storebrowse -launch -f uniqueFileName.ica -s store0-5c3ec017 -CitrixID store0-5c3ec017@@a9a8e3ac-099d-4577-b84e-e33d0695df39.Notepad -ica "https://cwawiniwstest.cloudburrito.com/Citrix/Store/resources/v2/YTlhOGUzYWMtMDk5ZC00NTc3LWI4NGUtZTMzZDA2OTVkZjM5Lk5vdGVwYWQ-/launch/ica" -cmdline
<!--NeedCopy-->
Support for modern authentication methods for StoreFront stores
Citrix Workspace app 2305.1 for Windows support modern authentication methods for StoreFront stores. You can authenticate to Citrix StoreFront stores using any of the following ways:
- Using Windows Hello and FIDO2 security keys. For more information, see Other ways to authenticate.
- Single sign-on to Citrix StoreFront stores from Azure Active Directory (AAD) joined machines with AAD as the identity provider. For more information, see Other ways to authenticate.
- Workspace administrators can configure and enforce Azure Active Directory conditional access policies for users authenticating to Citrix StoreFront stores. For more information, see Support for Conditional access with Azure AD.
To enable this feature, you must use Microsoft Edge WebView2 as the underlying browser for direct StoreFront and gateway authentication.
Note:
Ensure that the Microsoft Edge WebView2 Runtime version is 102 or later.
You can enable modern authentication methods for StoreFront stores using the Global App Config service and Group Policy Object (GPO) template. For more information, see the Support for modern authentication methods for StoreFront stores section.
Plugins management for WebEx plug‑in
Starting with the 2305.1 version, download, install, and auto‑update of the WebEx plug‑in is supported and handled the same way as the Zoom plug‑ins. For more information, see Plugins management for WebEx plug‑in.
Support for more than 200 groups in Azure AD
With this release, an Azure AD user who is part of more than 200 groups can view apps and desktops assigned to the user. Previously, the same user wasn’t able to view these apps and desktops.
Note:
Users must sign out from Citrix Workspace app and sign in back to enable this feature.
App Protection
Enhancement on anti-keylogging
With this enhancement, anti-keylogging is enabled on the authentication and self-service plug-in (SSP) screens if one of the following criteria is met:
-
You have enabled App Protection using one of the following:
- Select the Start App Protection checkbox during installation.
- Start the App Protection component using the
startappprotection
command line parameter.
-
If you haven’t selected the Start App Protection checkbox or used the
startappprotection
command line parameter during the installation, then the anti-keylogging protection is enabled after launching the first protected resource.
Note:
The Global App Configuration service (GACS) and Group policy objects (GPO) settings override the preceding behavior. For example, if you’ve disabled the GACS or GPO policy for these screens, the anti-keylogging is not enabled on the authentication and SSP screens.
Important update on file names
In a future release for Citrix Workspace app for Windows, the following file names will be updated:
- EntryProtect.dll
- entryprotect.sys
- epclient32.dll
- epclient64.dll
- epinject.sys
- epusbfilter.sys
- entryprotectdrv
- epinject6
These files are installed at %ProgramFiles(x86)%\Citrix\ICA Client\
.
If you’ve added any of these file names to the allow list in your environment, update the allow list when the new file names are announced.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 105.1.1.27, based on Chromium version 105. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Support for browser extensions
You can add extensions that are provided by your administrator to the Citrix Enterprise Browser in a secure way. An administrator can deploy, manage, and control the extensions. End users can view and use the extension under citrixbrowser://extensions
as required. For more settings, see Global App Configuration Service.
For more information on how to configure, see Support for browser extensions.
Modification in SPA policy implementation on internal Web and SaaS apps
This feature enhances the security policies implementation on Web and SaaS apps. When a webpage and iframes within the webpage have different policies, we now have a stricter policy implementation where a union of all policies is applied on the entire webpage, including the iframes. However, the watermark is applied to the webpage only.
Use Global App Config service to manage Citrix Enterprise Browser
The administrator can use the Global App Configuration service (GACS) for Citrix Workspace to deliver Citrix Enterprise Browser settings through a centrally managed service.
The Global App Configuration service is designed for administrators to easily configure Citrix Workspace and manage the Citrix Workspace app settings. This feature allows admins to use the Global App Configuration Service to apply various settings or system policies to the Citrix Enterprise Browser on a particular store. The administrator can now configure and manage the following Citrix Enterprise Browser settings using APIs or the GACS Admin UI:
- “Enable CEB for all apps” - Makes the Citrix Enterprise Browser the default browser for opening web and SaaS apps from the Citrix Workspace app.
- “Enable save passwords” - Allow or deny end users the ability to save passwords.
- “Enable incognito mode” - Enable or disable incognito mode.
- “Managed Bookmarks” - Allow an administrator to push bookmarks to the Citrix Enterprise Browser.
- “Enable developer tools” - Enable or disable developer tools within the Enterprise Browser.
- “Delete browsing data on exit” - Allow the administrator to configure what data the Citrix Enterprise Browser deletes on exit.
- “Extension Install Force list” - Allow the administrator to install extensions in the Citrix Enterprise Browser.
- “Extension Install Allow list” - Allow the administrator to configure an allowed list of extensions that users can add to the Citrix Enterprise Browser. This list uses the Chrome Web Store.
For more information, see Use Global App Configuration service to manage Citrix Enterprise Browser.
Notes:
- The name and value pair are case-sensitive.
- All the browser settings in Global App Configuration Service are under the following categories:
{
"category": "browser",
"userOverride": false,
"assignedTo": [
"AllUsersNoAuthentication"
]
}
<!--NeedCopy-->
- The administrator can apply the settings to unmanaged devices as well. For more information, see the Global App Configuration Service documentation.
User interface
To configure Citrix Enterprise Browser through the GACS Admin UI, do the following:
-
Sign in to citrix.cloud.com with your credentials.
Note:
Refer to the Sign Up for Citrix Cloud article for step-by-step instructions to create a Citrix Cloud account.
-
Upon authentication, click the menu button in the top left corner and select Workspace Configuration.
The Workspace Configuration screen appears.
-
Click App Configuration > Citrix Enterprise Browser.
You can now configure, modify, and publish Citrix Enterprise Browser feature settings.
For more information, see Use Global App Configuration service to manage Citrix Enterprise Browser.
Technical Preview
- Sustainability initiative from Citrix Workspace app
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues
-
You might get the following error message when the
AllowAddStore
parameter is set toN
value and an HTTP store is added using the Group Policy Object (GPO) or command line interface:“Unable to connect to the server” [CVADHELP-22184]
- When you use the Workspace Environment Management (WEM) transformer with desktops, instead of automatically opening the desktop, you might be asked to download, run, and open the ICA file. This issue occurs with Citrix Workspace app versions 2209, 2212, and 2302. [CVADHELP-22318]
- The icons created on the desktop might be enabled even after setting the value of
PutShortcutsOnDesktop
toFalse
under the registry keyHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Citrix\Dazzle\
. [CVADHELP-15550] - You might not be able to use Pega Robot Studio, a third party app, even if you don’t have any protected apps or desktops opened. This issue occurs when Citrix Workspace app is installed with App Protection enabled. [CVADHELP-21146]
- If the Windows 10 OS is installed in a language other than English, Citrix Workspace app might fail to access the local apps of the OS. [CVADHELP-21986]
- When Citrix Workspace app that is opened on a published desktop freezes, the published apps running on the published desktop might fail to start. The issue occurs when there is a deadlock within the
receiver.exe
file. [CVADHELP-21604] - When you sign in to the Citrix Workspace app, apps and desktops corresponding to multiple accounts configured through GPO or command line might not be displayed. This issue occurs when the registry key value of
CurrentAccount
is set toAllAccount
at `Computer\HKEY_LOCAL_MACHINE\Software\wow6432Node\Citrix\Dazzle” [CVADHELP-21124] - You might not be able to take screenshots using the Print Screen key (PrtSc) when there are no protected apps on the screen. This issue occurs when App Protection is enabled for self-service on Citrix Workspace app. [CVADHELP-21979]
- For cloud stores, you might fail to add an account using redirected URLs. [CVADHELP-22438]
- After upgrading to Citrix Workspace app for Windows 2203 LTSR, you might see a white screen. This issue occurs when you add and configure a store for the first time and simultaneously refresh and open the SelfService UI. [CVADHELP-22696]
- Sometimes, you might fail to start a virtual desktop from Citrix Workspace app version 2305. You might also notice that the session quits silently, the session disconnects with a gray screen, or the session fails with an error message: ‘SSL Error 27: No local security certificates could be loaded.’ [CVADHELP-23095]
-
When you install either Citrix Workspace app for Windows 2212, 2202, or 2303 version with App Protection enabled, the installation might fail intermittently with the following error message:
“Service ‘@C:\Program Files (x86)\Citrix\ICA Client esources.dll, -104’ (appprotectionsvc) could not be installed. Verify that you have sufficient privileges to install system services.”
[CVADHELP-21995]
- The Citrix Workspace app might stop responding if you have any mouse interaction (mouse action or movements) on the Restore session dialog box. This issue occurs when you start a session after upgrading from the Citrix Workspace app version 2302–2303 and if there are disconnected sessions previously. [RFWIN-29663]
- You might notice that the HTTP requests during auto-update are sent to the Content Delivery Network (CDN) even when a proxy is configured using the proxy auto‑configuration (PAC) file. [RFWIN-29203]
- When the Microsoft Edge WebView for StoreFront authentication policy is enabled and if the sign-in needs HTTP authentication (basic or proxy), instead of asking for user credentials, the Edge WebView browser authentication window might close. [RFWIN-30061]
- You might not be able to see the name of an opened virtual desktop on the connecting screen in the Desktop Viewer when the desktop is opened in full screen. [RFWIN-29875]
- An extra entry for Citrix Workspace without the default Citrix Workspace app icon appears on the Windows 11 control panel. [APPP-1263]
- The names in the Properties of Network Connections (in the control panel) might be corrupted when Citrix Workspace app is installed with App Protection enabled. [APPP-1242]
2303
What’s new
Configure path for Browser Content Redirection overlay Browser temp data storage
Starting with Citrix Workspace app 2303 version, you are requested to configure temp data storage path for the Chromium Embedded Framework (CEF) based browser.
For more information, see Configure path for Browser Content Redirection overlay Browser temp data storage.
Support for modern authentication methods for StoreFront stores
Citrix Workspace app 2303 for Windows support modern authentication methods for StoreFront stores. You can authenticate to Citrix StoreFront stores using any of the following ways:
- Using Windows Hello and FIDO2 security keys. For more information, see Other ways to authenticate.
- Single sign-on to Citrix StoreFront stores from Azure Active Directory (AAD) joined machines with AAD as the identity provider. For more information, see Other ways to authenticate.
- Workspace administrators can configure and enforce Azure Active Directory conditional access policies for users authenticating to Citrix StoreFront stores. For more information, see Support for Conditional access with Azure AD.
To enable this feature, you must use Microsoft Edge WebView2 as the underlying browser for direct StoreFront and gateway authentication.
Note:
Ensure that the Microsoft Edge WebView2 Runtime version is 102 or later.
You can enable modern authentication methods for StoreFront stores using the GPO template. For more information, see the Support for modern authentication methods for StoreFront stores section.
Improved experience for optimized Microsoft Teams video conference calls
Starting with this release, by default simulcast support is enabled for optimized Microsoft Teams video conference calls. With this support, the quality and experience of video conference calls across different endpoints are improved by adapting to the proper resolution for the best call experience for all callers.
With this improved experience, each user might deliver multiple video streams in different resolutions (for example, 720p, 360p, and so on) depending on several factors including endpoint capability, network conditions, and so on. The receiving endpoint then requests the maximum quality resolution that it can handle thereby giving all users the optimum video experience.
Note:
This feature is available only after the roll-out of an update from Microsoft Teams. For information on ETA, go to https://www.microsoft.com/ and search for the Microsoft 365 roadmap. When the update is rolled-out by Microsoft, you can check CTX253754 for the documentation update and the announcement.
Enhancement to App Protection: Anti-DLL Injection
As part of App Protection, we now have a security enhancement that helps to protect the Citrix Workspace app from certain unauthorized dynamic-link libraries (DLL) or untrusted modules. If such untrusted modules are injected, the Citrix Workspace app detects these interventions and stops the modules from loading.
The anti-DLL injection can be enabled for the following components:
- Citrix Auth Manager
- Citrix Workspace app UI
- Citrix Virtual Apps and Desktops
For more information, see the App Protection documentation.
Disclaimer:
This capability works by filtering access to required functions of the underlying operating system (specific API calls required to load DLLs). Doing so means that it can provide protection even against certain custom and purpose-built hacker tools. However, as operating systems evolve, new ways of loading DLLs can emerge. While we continue to identify and address them, we cannot guarantee full protection in specific configurations and deployments.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 109.1.1.29, based on Chromium version 109. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Secure Private Access support for StoreFront
As an administrator, you can now configure Web and SaaS apps in StoreFront using a Secure Private Access solution. After the administrator configures the app, end users can open the Web and SaaS apps using Citrix Enterprise Browser with enhanced security.
For more information, see Secure Private Access for on-premises in the Citrix Secure Private Access documentation.
Technical Preview
- Client App Management for WebEx plug‑in
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues
- The published URLs open through the Citrix Enterprise Browser instead of the device’s default browser. [CTXBR-4718]
- You might experience delay in enumerating apps and starting apps or desktops when using SSON in an environment that has no active access to external sites. This issue occurs from the Citrix Workspace app version 2210.5 onwards and from the Citrix Workspace app version 2203 CU2 onwards. [CVADHELP-21786]
- The wfica32.exe process might stop unexpectedly and get an error when you open an app from the Citrix Workspace. This issue occurs only when you have the adaptive audio feature enabled. [CVADHELP-20999]
- When you install Citrix Workspace app 2212 on remote machines using a PowerShell script, the Citrix Workspace app installer might stop. This issue occurs before the installation begins on the remote machine. [CVADHELP-22278]
- When you attempt to configure multiple stores through a Group Policy Object (GPO) or command line, one of the stores might not be fully configured. [CVADHELP-22034]
- The screen might display the authentication pop-up window on the upper left corner instead of displaying on the center. [CVADHELP-21835]
- After a store is added with the store authentication token set to true, Citrix Workspace might become unresponsive at the white screen and the store authentication token is set to false. [CVADHELP-21582]
- Attempts to access Citrix Workspace app for Windows might fail when the VPN disconnects or reconnects. [CVADHELP-21662]
- When you share a screen using Microsoft Teams from the HP EliteBook G6 endpoint, you might see a red window instead of a red border. [CVADHELP-20763]
- You might not be able to use the Bloomberg Terminal application with the Bloomberg Keyboard 5 or Bloomberg Keyboard 2013. This issue occurs when Citrix Workspace app version 2302 is installed on your system with the App Protection feature enabled. [CVADHELP-22221]
- A published application might open in a non-visible state when you start the application. [CVADHELP-21618]
- The
msedgewebview2.exe
` process can cause high CPU usage when selfservice is running. [CVADHELP-21610] -
There might be a delay in adding a store due to certificate revocation check requests for the store’s certificate. As a workaround, you can skip checking certificate revocation using the following registry:
Path : HKEY_LOCAL_MACHINE/Software/wow6432node/Citrix/Receiver Name : SkipStoreCertificateRevocationCheck Type : DWORD Value : 1
or Path : HKEY_CURRENT_USER/Software/Citrix/Receiver Name : SkipStoreCertificateRevocationCheck Type : DWORD Value : 1 [CVADHELP-21931]
- The position of the window and size might not be persistent when you reconnect the desktop. This issue occurs when the desktop is in a window mode and using a non-primary monitor. [HDX-44997]
- Desktop Viewer toolbar might cover the screen when the desktop is in normal resolution and DPI. [HDX-45206]
- In a multi-session scenario, when you open a second session, the session might be hidden behind the first session. Also, the Citrix Workspace app icon for the second session might not be present on the taskbar. [RFWIN-29773]
2302
What’s new
Improved virtual apps and desktops reconnection experience
This release provides an enhanced user experience while reconnecting to virtual apps and desktops from which you got disconnected.
When Citrix Workspace app attempts to refresh the disconnected Citrix Workspace app or start new virtual apps or desktops as a part of the Workspace Control feature, the following prompt appears:
This prompt appears only when the show reconnection prompt to reconnect sessions is set to true in the Global App Configuration service.
Click Restore to reconnect to open new and disconnected virtual apps and desktops. If you want to start only newly selected apps and desktops, click Cancel.
You can also select Remember my preference to apply the selected preference for the next login.
The preceding new Restore session? prompt appears only if:
- the user tries to start an app belonging to a workspace store,
- admin policies or app config settings are not configured for the Workspace Control feature,
- Workspace Control Reconnect options are set to default on the client.
Note:
Reconnect settings in the Reconnect Options takes precedence over the preferences set in the dialog box. For more information, see the Configure reconnect options using Advanced Preferences dialog.
Client App Management for Zoom plug-in
You can now manage the Zoom plug-in using Client App Management capability.
For more information, see Client App Management for Zoom plug-in.
Support for modern authentication methods for StoreFront stores [Technical Preview]
Starting with this release, Citrix Workspace app for Windows support modern authentication methods for StoreFront stores. You can authenticate to Citrix StoreFront stores using any of the following ways:
- Using Windows Hello and FIDO2 security keys. For more information, see Other ways to authenticate.
- Single sign-on to Citrix StoreFront stores from Azure Active Directory (AAD) joined machines with AAD as the identity provider. For more information, see Other ways to authenticate.
- Workspace administrators can configure and enforce Azure Active Directory conditional access policies for users authenticating to Citrix StoreFront stores. For more information, see Support for Conditional access with Azure AD.
To enable this feature, you must use Microsoft Edge WebView2 as the underlying browser for direct StoreFront and gateway authentication.
Note:
Ensure that the Microsoft Edge WebView2 Runtime version is 102 or later.
You can enable modern authentication methods for StoreFront stores using the GPO template. For more information, see the Support for modern authentication methods for StoreFront stores section.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
You can provide feedback on this feature via the Podio form.
Updated audio device selection behavior for optimized Microsoft Teams
Starting with this release, when you change the default audio devices in the sound settings on the endpoint, the optimized Microsoft Teams in the Citrix VDI changes the current audio devices selection to match the endpoint defaults.
However, if you make an explicit device selection in Microsoft Teams, your selection takes precedence and does not follow the endpoint defaults. Your selection is persistent until you clear the Microsoft Teams cache.
App Protection enhancement
Starting with this release, Citrix Workspace app for Windows allows you to configure App Protection for Authentication and Self-Service plug-in using the Global App Configuration. Previously, you were able to configure these components only using the Group Policy Object.
If you enable the anti-keylogging and the anti-screen capturing functionality using the Global App Configuration service, they are applicable to both Authentication and Self-Service plug-in.
Note:
The Global App Configuration service configurations don’t apply for virtual apps, virtual desktops, web apps, and SaaS apps. These resources continue to be controlled using the Delivery Controller and Citrix Secure Private Access. For more information, see the configure section in the App Protection documentation.
For more information, see the App Protection enhancement section.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 108.1.1.97, based on Chromium version 108. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Open all web and SaaS apps through the Citrix Enterprise Browser
In this release of the Enterprise Browser (in Citrix Workspace app for Windows), all internal web apps and external SaaS apps available in the Citrix Workspace app open in Citrix Enterprise Browser.
Option to start Citrix Enterprise Browser from within Citrix Workspace app
Previously, you can open the Citrix Enterprise Browser from the Citrix Workspace app after opening a web or SaaS app.
Starting with this release, you can open the Citrix Enterprise Browser from the Citrix Workspace app directly without requiring you to open a web or SaaS app. This feature provides easy access to the Citrix Enterprise Browser and doesn’t require any configurations from administrators. This feature is available by default.
Note:
The end user must have entitlement to at least one web or SaaS app through Secure Private Access.
Fixed issues
- Some SaaS apps which have enhanced security set to OFF fail to open in Citrix Enterprise Browser if Citrix Enterprise Browser is the default browser. [CTXBR-4106] [CTXBR-4405]
- Attempts to start apps or desktops from custom web stores might fail when using Microsoft Edge WebView2 Runtime version 109 and later. [RFWIN-29200].
- You might fail to add a hidden store to the Citrix Workspace app. This issue occurs when you try to add Citrix Gateway FQDN that requires smartcard authentication or when the StoreFront store name has spaces, for example,
https://servername.company.com?Store
Service. [CVADHELP-21516] - The inactivity timeout value might not expire if you exit from the Citrix Workspace app before reaching the set time-out value. As a result, you might later be able to start Citrix Workspace app without entering any credentials. [CVADHELP-20912]
- You might fail to see the authentication pop-up page automatically after installing the Citrix Workspace app. [CVADHELP-20593]
- On a multi-monitor setup, the application windows move to a different monitor whenever the user disconnects and reconnects to the session. [HDX-45043]
- With certain older AMD GPU series, purple video content or flashing screens might be seen with Citrix Workspace app 2206 or newer. [HDX‑46264]
-
Unable to repair BCRClient.msi and the following error appears during the Citrix Workspace app installation:
[HDX-46964]
2212
What’s new
Note:
From this release onward, ensure that the Microsoft Edge WebView2 Runtime version is 102 or later. For more information, see System requirements and compatibility.
Client App Management
Citrix Workspace app 2212 for Windows now offers Client App Management capability that makes the Citrix Workspace app a single client app required on the end point to install and manage agents such as the Secure Access Agent and End Point Analysis (EPA) plug-in.
With this capability, administrators can easily deploy and manage required agents from a single management console.
For more information, see Client App Management.
Client App Management for Zoom plug-in [Technical Preview]
Starting from Citrix Workspace app 2212 for Windows, you can now manage the Zoom plug-in using the Client App Management capability.
For more information, see Client App Management.
You can record your feedback for this technical preview by using this Podio form.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
Auto-update version control
Administrators can now manage the auto-update version for the devices in the organization.
Administrators can control the version by setting the version in the maximumAllowedVersion property in the Global App Config Service.
Example JSON file in Global App Config Service:
{
"category": "AutoUpdate",
"userOverride": false,
"assignedTo": [
"AllUsersNoAuthentication"
],
"settings": [
{
"name": "Auto Update plugins settings",
"value": [
{
"pluginSettings": {
"upgradeToLatest": false,
"deploymentMode": "InstallAndUpdate",
"stream": "Current",
"maximumAllowedVersion": "23.03.0.49",
"minimumAllowedVersion": "0.0.0.0",
"delayGroup": "Fast"
},
"pluginName": "WorkspaceApp",
"pluginId": "1CDF566D-B2C7-47CA-802F-6283C862E1D6"
}
]
}
]
}
<!--NeedCopy-->
When the version is set, Citrix Workspace app on the user’s device is automatically updated to the version specified in the maximumAllowedVersion property.
Notes:
- Currently all the parameters mentioned in the preceding JSON file are mandatory. You must provide values for the
upgradeToLatest
setting and themaximumAllowedVersion
setting based on the requirement of your organization. However, for the remaining parameters, you can use values similar to the example JSON file.- To achieve auto-update version control,
upgradeToLatest
setting in the Global App Config Service must be set to false. If this setting is true,maximumAllowedVersion
is ignored.- Do not modify the pluginId as this ID is mapped to Citrix Workspace app.
- If the administrator hasn’t configured the version in the Global App Config Service, Citrix Workspace app is updated to the latest available version by default.
Force login prompt for Federated identity provider
Citrix Workspace app now honors the Federated Identity Provider Sessions setting. For more information, see Knowledge Center article CTX253779.
You no longer need to use the Store authentication tokens policy to force the login prompt.
Improved reconnection experience after connection lease file expiry
Previously, there was no notification to the end user when the connection lease file and authentication token expired.
Starting from this release, you are prompted with an error message and a consent dialog box. The consent dialog box appears only when you have resources running in the session. If there are no resources running, only an error dialog box appears. You are signed out without being prompted with the consent dialog box.
You can click Sign Out to sign out from the current Citrix Workspace app session or click Cancel to continue with the session.
Note:
Save your data before clicking Sign Out.
Enhancement to App Protection: Anti-DLL Injection [Technical Preview]
As part of App Protection, we now have a security enhancement that helps protect the Citrix Workspace app from certain unauthorized dynamic-link libraries (DLL) or untrusted modules. If such untrusted modules are injected, the Citrix Workspace app detects these interventions and stops the modules from loading.
Previously, this technical preview feature was applicable only for protected virtual apps and desktops. With this release, we have enhanced its scope to now include:
- all virtual apps and desktop sessions
- the Citrix Workspace app authentication window (on-premises deployment/StoreFront)
Additionally, this enhancement now:
-
exits the session immediately when certain untrusted or malicious DLLs exist on the protected component
-
displays a notification when an untrusted or malicious DLL is blocked.
Disclaimer:
This capability works by filtering access to required functions of the underlying operating system (specific API calls required to load DLLs). Doing so means that it can provide protection even against certain custom and purpose-built hacker tools. However, as operating systems evolve, new ways of loading DLLs can emerge. While we continue to identify and address them, we cannot guarantee full protection in specific configurations and deployments.
You can register for this technical preview by using this Feedback form).
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
Support for default installation of App Protection
App Protection component is now installed by default during the Citrix Workspace app installation.
The Enable app protection checkbox that appears during the installation is replaced with Start App Protection after installation.
When you select this checkbox, App Protection starts immediately after the installation.
Note:
If you do not enable this checkbox, App Protection automatically starts upon the first start of a protected resource or component for customers who have entitled to App Protection.
You can also start the App Protection component using the /startappprotection
command line parameter. However, the previous /includeappprotection
switch is deprecated.
Note:
Previously, anti-screen capture and anti-keylogging capabilities were enforced by default for Citrix authentication and Citrix Workspace app screens. However, starting from 2212, these capabilities are disabled by default and need to be configured using the Group Policy Object. For information on the GPO configuration, see Enhancement to App Protection configuration.
App Protection enhancement: Screen capture detection and notification
Starting from this release, you can view a notification when a possible attempt of screen capture is made on any protected resources. For information on the resources protected by App Protection, see What does App Protection protect?.
The notification appears when there is an:
- attempt to take a screenshot or record video through a screen-capturing tool.
- attempt to take a screenshot through the Print Screen key.
Note:
The notification appears only once per running instance of the screen capture tool. The notification appears again if you relaunch the tool and attempt screen capture.
Desktop Viewer optimization
This release optimizes the Desktop Viewer experience by reducing the launch time by 5 seconds. The Desktop Viewer toolbar opens quickly and might display the default Windows session sign-in screen. Administrators can hide this experience by configuring the following registry to introduce some delay in milliseconds:
- Location: HKEY_CURRENT_USER\SOFTWARE\Citrix\XenDesktop\DesktopViewer
- Name: ExtendConnectScreenMS
- Type: DWORD
- Value: 00000000 (Delay in Milliseconds)
Note:
The registry configuration is optional.
Citrix Enterprise Browser
Note:
From Citrix Workspace app for Windows version 2210, the Open all web and SaaS apps through the Citrix Enterprise Browser feature is disabled.
This release includes Citrix Enterprise Browser version 107.1.1.13, based on Chromium version 107. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
-
Set Citrix Enterprise Browser as the work browser
You can now configure Citrix Enterprise Browser as a work browser to open all work links. You can select an alternate browser to open non-work links.
A work link is a link that is associated with the web or SaaS apps that are configured by the administrator for the end user. When a user clicks any link within a native application, if it’s a work link, it’s opened through the Enterprise Browser. If not, it’s opened through the alternate browser that the end-user selects.
For more information, see Set Citrix Enterprise Browser as the work browser.
Fixed issues
-
Citrix Workspace app prompts you to select a certificate even when only one certificate exists. This issue occurs while authenticating to the Workspace (cloud) store. You can suppress this certificate prompt by adding the following registry:
On 32-bit systems:
- Location: HKEY_LOCAL_MACHINE\Software\Citrix\Dazzle or HKEY_CURRENT_USER\Software\Citrix\Dazzle
- Name: SuppressCertSelectionPrompt
- Type: String
- Value: True
On 64-bit systems
- Location: HKEY_LOCAL_MACHINE\Software\Wow6432Node\Citrix\Dazzle or HKEY_CURRENT_USER\Software\Citrix\Dazzle
- Name: SuppressCertSelectionPrompt
- Type: String
- Value: True
[CVADHELP-20844]
- Attempts to access Citrix Workspace app for Windows might fail when the VPN disconnects or reconnects [CVADHELP-20376]
- Unable to detect End Point Analysis (EPA) while authenticating to the store configured with EPA. This issue occurs when you update Citrix Workspace app from the previous version to 2210 or later. [CVADHELP-21387]
- During an optimized Microsoft Teams call, the endpoint might go into Sleep state. [HDX-44438]
- Citrix Analytics is unable to receive network-related metrics from end users. This issue occurs even when these prerequisites are met:
- App or desktop sessions are in running state for more than 15 minutes using Citrix Workspace app.
- Store or account used is CAS enabled.
Note:
Network-related CAS events are not sent for browser-based launch of apps or desktops. It is sent only when you open an app or desktop via web and from the same store that is added via the native Citrix Workspace app.
[CVADHELP-21448]
- When you open a published app in seamless mode, other local or seamless apps might appear in the foreground and cover the published app. [CVADHELP-20742, CVADHELP-21277]
2210.5
What’s new
This release addresses issues that help to improve overall performance, security, and stability.
Client App Management [Technical Preview]
Citrix Workspace app 2210.5 for Windows now offers Client App Management capability that makes the Citrix Workspace app a single client app required on the end point to install and manage agents such as the Secure Access Agent and End Point Analysis (EPA) plug-in.
With this capability, administrators can easily deploy and manage required agents from a single management console.
Client App Management includes the following steps:
- Administrators must specify the agents required on end users’ devices in the Global App Configuration Service. With this technical preview, administrators can specify Secure Access Agent and Endpoint Analysis (EPA) agent.
- Citrix Workspace app fetches the list of agents from Global App Configuration Service.
- Based on the list fetched from the Global App Configuration service, Citrix Workspace app downloads the agent packages through the auto-update service. If the agent is not previously installed on the end point, Citrix Workspace app triggers the installation of the agent. If the agent is already installed, Citrix Workspace app triggers an update to the agent (if the version of the downloaded agent is higher than the installed version.)
Citrix Workspace app ensures to automatically update the agents whenever an update is available in the future.
Citrix Workspace app automatically signs in to the agents with the Citrix Workspace credentials.
The following diagram illustrates the workflow:
You can register for this technical preview by using the Podio form. Submit a request and we reach out to you with more details.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
Enhancement to auto-update
Citrix Workspace app now supports auto-update when Proxy auto-configuration (PAC) and Web Proxy Auto-Discovery Protocol (WPAD) detection is enabled.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 105.2.1.40, based on Chromium version 105. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Fixed issues
This release addresses issues that help to improve overall performance, security, and stability.
2210
What’s new
Background blurring for webcam redirection
Citrix Workspace app for Windows now supports background blurring for webcam redirection. You can enable this feature by selecting the Preferences > Connections > Enable background blur checkbox.
App Protection enhancements for web and SaaS apps on Windows 11
This App Protection enhancement optimizes the experience and security capabilities for web and SaaS app users on Windows 11. This enhancement is available via the Citrix Enterprise Browser for Secure Private Access customers.
Limiting video resolutions
Administrators who have users on lower-performance client endpoints can choose to limit incoming or outgoing video resolutions to decrease the impact of encoding and decoding video on those endpoints. Starting from Citrix Workspace app 2010 for Windows, you can limit these resolutions using client configuration options.
Note:
Users running with restricted resolutions impact the overall video quality of the conference because the Microsoft Teams server will be forced to use the lowest-common-denominator resolution for all conference participants.
Call constraints are disabled by default on the client with Citrix Workspace app 2210. To enable, administrators must set the following client-side configurations in the HKEY_CURRENT_USER\SOFTWARE\Citrix\HDXMediaStream:
Name | Type | Mandatory | Accepted Values |
---|---|---|---|
EnableSimulcast | Int | YES | 1–3 (Set it to 1) |
MaxOutgoingResolution | Int | YES | 180,240,360,540,720,1080 (Microsoft Teams supported Resolutions) |
MaxIncomingResolution | Int | YES | 180,240,360,540,720,1080 (Microsoft Teams supported Resolutions) |
MaxIncomingStreams | Int | YES | 1–8 |
MaxSimulcastLayers | Int | YES | 1–3 (set it to 1) |
MaxVideoFrameRate | Int | NO | 1–30 |
MaxScreenshareFrameRate | Int | NO | 1–15 |
All keys are DWORDs.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 105.1.1.27, based on Chromium version 105. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Rebranding Citrix Workspace Browser
Citrix Workspace Browser is now Citrix Enterprise Browser. The custom scheme is now changed from citrixworkspace:// to citrixbrowser://.
Implementing this transition in our products and their documentation is an ongoing process. Your patience during this transition is appreciated.
- The product UI, in-product content, and the images and instructions in the product documentation will be updated in the coming weeks.
- It is possible that some items (such as commands and MSIs) might continue to retain their former names to prevent breaking existing customer scripts.
- Related product documentation and other resources (such as videos and blog posts) that are linked from this product documentation might still contain former names.
Make Citrix Enterprise Browser the work browser [Technical Preview]
You can now configure Citrix Enterprise Browser to open all work or enterprise links and apps configured by your administrator in the Citrix Workspace app. This feature provides a way for you to open only work links or web and SaaS apps in the Citrix Enterprise Browser. You can select an alternate browser to open any other non-work links or apps.
Open all web and SaaS apps through the Citrix Enterprise Browser
From this release, all internal web apps and external SaaS apps available in the Citrix Workspace app open in Citrix Enterprise Browser.
Note:
From Citrix Workspace app for Windows version 2210, the Open all web and SaaS apps through the Citrix Enterprise Browser feature is disabled.
Support for browser extensions [Technical Preview]
You can add extensions that are provided by your administrator to the Citrix Enterprise Browser in a secure way. An administrator can deploy, manage, and control the extensions. End users can view and use the extension under citrixbrowser://extensions as required. For more settings, see Global App Configuration Service.
Note:
This feature is a request-only preview. To get it enabled in your environment, fill out the Podio form.
For information on how to configure, see the Citrix Enterprise Browser documentation.
Use Global App Config service to manage Citrix Enterprise Browser [Technical Preview]
The administrator can use the Global App Configuration service for Citrix Workspace to deliver Citrix Enterprise Browser settings through a centrally managed service.
The Global App Configuration service is designed for administrators to easily configure Citrix Workspace and manage the Citrix Workspace app settings. This feature allows admins to use the Global App Configuration Service to apply various settings or system policies to the Citrix Enterprise Browser on a particular store. The administrator can now configure and manage the following Citrix Enterprise Browser settings using the Global App Configuration service:
- “Enable CWB for all apps” - Makes the Citrix Enterprise Browser the default browser for opening web and SaaS apps from the Citrix Workspace app.
- “Enable save passwords” - Allow or deny end users the ability to save passwords.
- “Enable incognito mode” - Enable or disable incognito mode.
- “Managed Bookmarks” - Allow administrator to push bookmarks to the Citrix Enterprise Browser.
- “Enable developer tools” - Enable or disable developer tools within the Enterprise Browser.
- “Delete browsing data on exit” - Allow the administrator to configure what data the Citrix Enterprise Browser deletes on exit.
- “Extension Install Force list” - Allow the administrator to install extensions in the Citrix Enterprise Browser.
- “Extension Install Allow list” - Allow the administrator to configure an allowed list of extensions that users can add to the Citrix Enterprise Browser. This list uses the Chrome Web Store.
Notes:
- This feature is a request-only preview. To get it enabled in your environment, fill out the Podio form.
- Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It’s advised that Beta builds aren’t deployed in production environments.
- The name and value pair are case-sensitive.
- All the browser settings in Global App Configuration Service are under the following category:
{
"category": "browser",
"userOverride": false,
"assignedTo": [
"AllUsersNoAuthentication"
]
}
<!--NeedCopy-->
- The administrator can apply the settings to unmanaged devices as well. For more information, see the Global App Configuration Service documentation.
Technical Preview
- Local App Protection
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues
- The High DPI menu under Advanced Preferences is reintroduced.
-
The default new value is No, use the native resolution, also known as DPI matching.
When you select this option, Citrix Workspace app attempts to match display resolution and DPI scale settings of the local Windows client to the HDX session automatically. DPI matching is recommended in all cases, especially when high-resolution monitors (above 1920x1080) are in use.
-
The Yes option, also known as Client-side scaling or compatibility mode is only recommended for legacy applications that are not DPI-aware and should only be used in special circumstances. This option might introduce some side effects while displaying the legacy apps, like blurry text because of the upscaling or stretching of the HDX session.
It is also a viable option when two monitors with different DPI settings (or mixed DPI) are connected to the local Windows client.
Note:
This option is not compatible with HDX optimization for Microsoft Teams.
-
With the third option Let the operating system scale the resolution also known as DPI unaware, Citrix Workspace app for Windows ignores the DPI scale settings on the local Windows client. In this mode, Windows OS need to manage scaling of Citrix Workspace app and the HDX session, same as for any other application that is not DPI-aware. This mode is not recommended for use with DPI scales over 100%.
[HDX-43720]
-
- When you add a disabled store via GPO and a different store from the same StoreFront server via GUI, a loading screen might appear and adding an account might fail. [CVADHELP-20776]
- When you add two stores from the same StoreFront server via GPO, configuring the second store might fail intermittently. [CVADHELP-20655]
- Citrix Workspace app tries to connect to the Global App Config server even when the Global App Config Service policy is disabled via GPO. [CVADHELP-20775]
- When using Citrix Workspace app for Windows 2106 or later, the Outbound ICA Proxy feature might not work. [CVADHELP-20824]
- For domain users, the receiver.exe process might fail unexpectedly. You might see this issue on the Citrix Workspace app for Windows 2206 or later. [CVADHELP-20986]
- In the optimized Microsoft Teams video meeting, call joined with video ON, you might observe a call drop. This issue occurs sporadically and when the HdxRtcEngine.exe process fails on the client side. [CVADHELP-21095]
2209
What’s new
Auto-update version control [Technical Preview]
Administrators can now manage the auto-update version for the devices in the organization.
Administrators can control the version by setting the range in the maximumAllowedVersion and minimumAllowedVersion properties in the Global App Config Service.
Example JSON file in Global App Config Service:
{
"category": "AutoUpdate",
"userOverride": false,
"assignedTo": [
"AllUsersNoAuthentication"
],
"settings": [
{
"name": "Auto Update plugins settings",
"value": [
{
"pluginSettings": {
"upgradeToLatest": false,
"deploymentMode": "InstallAndUpdate",
"stream": "Current",
"maximumAllowedVersion": "23.03.0.49",
"minimumAllowedVersion": "0.0.0.0",
"delayGroup": "Fast"
},
"pluginName": "WorkspaceApp",
"pluginId": "1CDF566D-B2C7-47CA-802F-6283C862E1D6"
}
]
}
]
}
<!--NeedCopy-->
When the range is set, Citrix Workspace app on the user’s device is automatically updated to the highest available version that falls between the mentioned range.
If you want to auto-update Citrix Workspace app to a specific version, enter the same version in the maximumAllowedVersion and minimumAllowedVersion properties in the Global App Config Service.
Note:
- Currently all the parameters mentioned in the preceding JSON file are mandatory. You must provide values for the
upgradeToLatest
setting and themaximumAllowedVersion
setting based on the requirement of your organization. However, for the remaining parameters, you can use values similar to the example JSON file.- To achieve auto-update version control, the upgradeToLatest setting in the Global App Config Service must be set to false. If this setting is set to true, maximumAllowedVersion and minimumAllowedVersion will be ignored.
- Do not modify the pluginId as this ID is mapped to Citrix Workspace app.
- If the administrator hasn’t configured the version in the Global App Config Service, Citrix Workspace app is updated to the latest available version by default.
To enable this feature:
- Launch the registry editor.
- Navigate to the
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\Dazzle
registry path. -
Create a registry value with the following attributes:
- Registry key name: Test-EnableAUVersionControl
- Type: DWORD
- Value: 0 is disabled and greater than 0 is enabled
- Restart the Citrix Workspace app for the changes to take effect.
You can provide feedback on this feature via the Podio form.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
Upgraded version of WebRTC for the optimized Microsoft Teams
The version of WebRTC that is used for the optimized Microsoft Teams is upgraded to version M98.
Supporting auto-update of Citrix Workspace app on VDA
You can now enable the auto-update feature on VDA by creating the following registry value:
On a 32-bit machine:
- Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\ICA Client\AutoUpdate
- Registry Value: AllowAutoUpdateOnVDA
- Registry Type: REG_SZ
- Registry Data: True
On a 64-bit machine:
- Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\ICA Client\AutoUpdate
- Registry Value: AllowAutoUpdateOnVDA
- Registry Type: REG_SZ
- Registry Data: True
Improved virtual apps and desktops launch experience [Technical Preview]
Previously, the launch progress dialog box wasn’t intuitive to the users. It made the users assume that the launch process isn’t responding and they closed the dialog box, as the notification messages were static.
The improved app and desktop launch experience is more informative, modern, and provides a user-friendly experience on Citrix Workspace app for Windows. This feature helps to keep the users engaged with timely and relevant information about the launch status. The notification appears in the bottom-right corner of your screen.
This feature is also supported on Workspace for Web. Users can view meaningful notifications about the launch progress, instead of just a spinner. If a launch is in progress and the user attempts to close the browser, a warning message is shown.
You can enable this feature using the registry.
- Open the registry editor.
- Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\Dazzle
. - Create and add a registry string with the name as NewLaunchExpSupport and set its value as True.
- Restart Citrix Workspace app for the changes to take effect.
Note:
This feature is applicable to Workspace (cloud) sessions only.
Known issues:
- On a multi-monitor setup, the application windows in a desktop session of the Citrix Workspace app move to a different monitor. This issue occurs when you disconnect and reconnect a session.
- This feature is not supported for browser-based launch.
You can provide feedback on this feature via the Podio form.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
Citrix Enterprise Browser (formerly Citrix Workspace Browser)
This release includes Citrix Enterprise Browser version 103.2.1.10, based on Chromium version 103. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
-
Citrix Enterprise Browser Profiles
Profiles help you keep personal information such as history, bookmarks, passwords, and other settings separate for each of your Citrix Workspace accounts. Based on your Workspace store, a profile is created, allowing you to have a unique and personalized browsing experience.
Note:
After you upgrade to version 103.2.1.10 and sign in to the device for the first time, only your previously saved passwords are removed. When you sign in to the device using a different store for the first time, all your previously saved data is lost.
Technical Preview
- Quick Launch of Disconnected Desktops
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues
-
With this fix, a sign-in page appears when you sign out from Citrix Workspace app for Windows, specific to on-premises stores.
To enable the fix, set the following registry values:
On 32-bit systems:
- HKEY_LOCAL_MACHINE/Software/Citrix/Dazzle
- Name: ShowSignInPageOnLogOff
- Type: REG_SZ
- Value: True
On 64-bit systems:
- HKEY_LOCAL_MACHINE/Software/Wow6432Node/Citrix/Dazzle
- Name: ShowSignInPageOnLogOff
- Type: REG_SZ
- Value: True
[CVADHELP-19967]
-
The Applocker rule in Group Policy Object blocks the integration of the Citrix Gateway plug-in with Citrix Workspace. As a result, several temporary files of the format VPNXXXX.tmp are created in the temp folder. The files are created even when the registry key, HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Secure Access Client has DisableIconHide value. [CVADHELP-19709]
-
When you start a published app through a PNAgent site, Citrix Workspace app for Windows displays the following message:
A fatal error occurred.
[RFWIN-28208]
-
Citrix Workspace app might not be responsive after the launch. {CVADHELP-20317]
2207
What’s new
Background blurring and effects for Microsoft Teams optimization with HDX
Citrix Workspace app for Windows now supports background blurring and effects in Microsoft Teams optimization with HDX.
You can either blur or replace the background with a custom image and avoid unexpected distractions by helping the conversation stay focused on the silhouette (body and face). The feature can be used with either P2P or conference calls.
Note:
This feature is now integrated with the Microsoft Teams UI/buttons. MultiWindow support is a prerequisite that requires a VDA update to 2112 or higher. For more information, see Multi-window meetings and chat.
Limitations:
- Admin and user-defined background replacement isn’t supported.
- The background effect doesn’t persist between sessions. When you close and relaunch Microsoft Teams or VDA is reconnected, the background effect is reset to off.
- After the ICA session is reconnected, the effect is off. However, the Microsoft Teams UI shows that the previous effect is still On by a tick mark. Citrix and Microsoft are working together to resolve this issue.
- The device must be connected to the internet while replacing the background image.
Note:
This feature is available only after the future update roll-out from Microsoft Teams. When the update is rolled-out by Microsoft, you can check Knowledge Center articleCTX253754 and the Microsoft 365 Public roadmap for the documentation update and the announcement.
Background blurring for webcam redirection [Technical Preview]
Citrix Workspace app for Windows now supports background blurring for webcam redirection. You can enable this feature using the registry:
- Location HKEY_CURRENT_USER\Software\Citrix\HdxRealTime.
- Name: EnableBackgroundEffectFilter.
- Type: DWORD.
- Value: 0 is disabled. Any other value is enabled. If the value doesn’t exist or is 0, all background blur settings are ignored, and the Preferences > Connections > Enable background blur checkbox that handles the blur effect is disabled.
Recommendation:
Close the webcam application on VDA before closing the ICA session.
You can provide feedback on this feature via the Podio form.
Improved auto-update experience
The auto-update feature automatically updates the Citrix Workspace app to the latest version without the need for any user intervention.
Citrix Workspace app periodically checks and downloads the latest available version of the app. Citrix Workspace app determines the best time to install based on user activity not to cause any disruptions.
When the installation is complete, the following notification appears:
If the Citrix Workspace app can’t find the right time to install the updates in the background, a notification prompt appears.
Enhancement to auto-update [Technical Preview]
Citrix Workspace app now supports auto-update when Proxy auto-configuration (PAC) and Web Proxy Auto-Discovery Protocol (WPAD) detection is enabled.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It’s advised that Beta builds aren’t deployed in production environments.
You can provide feedback on this feature via the Podio form.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 102.1.1.14, based on Chromium version 102.
-
Open all web and SaaS apps through the Citrix Enterprise Browser [Technical Preview]
From this release, all internal web apps and external SaaS apps available in the Citrix Workspace app, open in the Citrix Enterprise Browser. You can register for this technical preview by using the Podio form.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It’s advised that Beta builds aren’t deployed in production environments.
Note on Citrix Workspace app update
While updating Citrix Workspace app for Windows from the previous version to 2207, user is prompted to sign in. The sign-in is prompted only for the workspace store.
Fixed issues
Session/Connection
-
Optimized Microsoft Teams might not select a new default audio device connected to the endpoint. [CVADHELP-20528]
Note:
This fix is available only after the future update roll-out from Microsoft Teams.
- Configuring stores with geo DNS URL via Group Policy Object or command line might fail if you have set AllowAddStore=N during the Citrix Workspace app installation. [CVADPHELP-19853]
- Citrix Authentication Manager (AuthManSvr.exe) might exit unexpectedly during logon. [CVADHELP-18901]
User Interface
- When you’re using custom web stores, links in the Citrix Workspace app opens in the system browser. [RFWIN-27855]
2206
What’s new
Background blurring and effects for Microsoft Teams optimization with HDX [Technical Preview]
In Citrix Workspace app 2206 for Windows, Citrix is introducing a technical preview for background blurring and effects in Microsoft Teams optimization with HDX.
Now, you can either blur or replace the background with a custom image and avoid unexpected distractions by helping the conversation stay focused on the silhouette (body and face). The feature can be used with either P2P or conference calls.
Note:
- In this technical preview, the feature can only be controlled via the registry keys and it isn’t integrated with the Microsoft Teams UI/buttons.
- The new background persists in all Microsoft Teams meetings and calls until you change it again via a registry key. For the change to take effect, you must only restart Microsoft Teams. This limitation is removed once the feature is GA, and for that it requires Multi-window support (VDA 2112 or higher). To activate or deactivate background blurring and effects, administrators or users must configure the following registry key on the client/endpoint:
Location: HKEY_CURRENT_USER\SOFTWARE\Citrix\HDXMediaStream
- Name: VideoBackgroundEffect
- Type: DWORD
- Value: 0 (disabled), 1 (enabled), 2 (background image replacement, which requires the VideoBackgroundImage key to be present as well)
The following key is required only if you want to replace the background image and not for blurring:
- Name: VideoBackgroundImage
- Type: REG_SZ
- Value: my_image_name.jpeg
Note:
The file name, for example, my_image_name.jpg (or the name you provide for the file) must be placed in the user’s device, Citrix Workspace app install directory,
C:\Program Files (x86)\Citrix\ICA Client
.
Improved graphics performance
Citrix Workspace app 2206 introduces significant performance improvements for Intel integrated GPUs:
- Graphics GPU consumption has been reduced, improving overall performance.
The following issues are fixed:
- Low frames per second after playing a video on the Intel 10th Generation GPU or higher.
- Brightness difference in Build-To-Lossless or for Actively Changing Regions on Intel and AMD GPUs.
Enhancement to App Protection: Anti-code Injection [Technical Preview]
Citrix Workspace app now ensures that no unauthorized dynamic-link libraries (DLL) or untrusted modules get access to the session.
If any untrusted module gets injected during a session, the Citrix Workspace app detects such intervention and stops the module from loading.
Also, if any untrusted or malicious DLL is detected before the session launch, App Protection blocks the session launch and displays an error message. Closing the error message exits the virtual app and desktop session.
You can register for this technical preview by using this Feedback form.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
App Protection enhancements for web and SaaS apps on Windows 11 [Technical Preview]
This App Protection enhancement optimizes the experience and security capabilities for web and SaaS app users on Windows 11. This enhancement is available via the Citrix Enterprise Browser for Secure Private Access customers. You can register for the Technical Preview via the Feedback form. For more information, see App Protection documentation.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
Improved auto-update experience [Technical Preview]
The auto-update feature automatically updates the Citrix Workspace app to the latest version without the need for any user intervention.
Citrix Workspace app periodically checks and downloads the latest available version of the app. Citrix Workspace app determines the best time to install based on user activity to not cause any disruptions.
When the installation is complete, the following notification appears:
If the Citrix Workspace app can’t find the right time to install the updates in the background, a notification prompt appears.
You can register for the Technical Preview via the Podio form.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised that Beta builds aren’t deployed in production environments.
Enabling DPI matching
Starting with Citrix Workspace app 2206 for Windows, DPI matching is enabled by default. This means Citrix Workspace app attempts to match display resolution and DPI scale settings of the local Windows client to the Citrix session automatically. As part of this change, the High DPI option available under Advance Preferences in Citrix Workspace app is no longer available.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 101.1.1.12, based on Chromium version 101. For features or bugs fixes in the Citrix Enterprise Browser, see What’s new in the Citrix Enterprise Browser documentation.
Fixed issues
Install, Uninstall, Upgrade
- Citrix Workspace Updater service might fail to start resulting in installation failure. This issue occurs when the client is not connected to the internet. [CVADHELP-19613]
Session/Connection
- When using Citrix Workspace app 2204.1 or later, the session might disconnect. This issue occurs if there’s a restriction to run unsigned binaries, for example, wfica.ocx. [CVADHELP-20053]
-
When you start Citrix Workspace app for the first time after adding the store URL, the following error message appears:
“Your Citrix Workspace app encountered an error while initializing Microsoft Edge WebView2. Restart your app.”
This issue occurs when you add the store URL through the GPO or command line and includes ‘/’ after discovery, for example,
https://sales.example.com/Citrix/Store/discovery/;On;Store
.[CVADHELP-20214]
-
On Citrix Workspace app for Windows, when you add store URLs using Group Policy Object, the following error message might appear: “Cannot connect to server.”
This issue occurs if one of the stores is disabled and isn’t reachable. [CVADHELP-19751]
-
When you update the Citrix Workspace app from version 2006 or earlier, the gateway and beacon configurations of the existing stores might get deleted and the same configurations are added again even when the store configurations aren’t changed in the Group Policy Object. [CVADHELP-19839]
- Attempts to launch applications or desktops from a tablet using Citrix Workspace app might fail. The issue occurs when the client IP address can’t be retrieved. [CVADHELP-19703]
- While sharing the screen or app during the Microsoft Teams call, your peers might see visual artifacts. This issue occurs because of unstable frame rates, such as incorrect video playback (frozen or transient black frames). This release includes improved frame rates or sampling rates that help to reduce visual artifacts. [HDX-38032]
User Interface
- The Desktop Viewer toolbar might not be visible when you open the virtual desktop from custom portal stores. [CVADHELP-20253]
- When using Citrix Workspace app for Windows with Browser Content Redirection, resizing the browser window continues even when you release the mouse button. [HDX-38024]
- Battery status notification and automatic keyboard pop-up dialog might not appear during the session when the Automatic keyboard display policy is enabled on the DDC. [HDX-39558]
- When you plug-in aa USB device or access files, Citrix Workspace app might show legacy Citrix Workspace - Security Warning dialog. [LCM-10369]
Service Continuity
- Citrix Workspace app launch might fail due to missing lease files resulting in 3002 error. This release includes the improvement where lease sync completes only when the client syncs all the lease files present on the server. [RFWIN-26540]
2205
What’s new
Note:
From this release onward, ensure that the Microsoft Edge WebView2 Runtime version is 99 or later. For more information, see System requirements and compatibility.
Change to Citrix Casting
Previously, Citrix Casting was enabled by default during the Citrix Workspace app installation. Starting from this release, Citrix Casting is enabled only if you run Citrix Workspace app installer with the /IncludeCitrixCasting
command during installation.
When you update Citrix Workspace app, the Citrix Casting gets updated automatically. For more information on Citrix Casting, see Citrix Casting.
Quick access to resources
Starting from this release, you can get quick access to your recently used apps and desktops. Right-click on the Citrix Workspace app icon in the taskbar to view and open the recently used resources from the pop-up menu.
Sign out custom web store upon Citrix Workspace app exit
When the signoutCustomWebstoreOnExit
attribute is set to True, closing the Citrix Workspace app signs you out of custom webstores. You can configure the signoutCustomWebstoreOnExit
attribute in Global App Configuration Service.
For more information, see Global App Configuration Service documentation.
Support to open Citrix Workspace app in maximized mode
Starting from this release, you can choose to open the Citrix Workspace app in maximized mode. Instead of maximizing the Citrix Workspace app manually every time, you can set the maximise workspace window
property in the Global App Configuration Service to enable the Citrix Workspace app to open in the maximized mode by default.
For more information about the Global App Configuration Service, see Getting Started.
Storebrowse support for Workspace
Citrix Workspace app for Windows now provides Storebrowse support to self-service that enables Storebrowse users to access Cloud and Workspace features.
Note:
- This feature provides Storebrowse support with single sign-on only.
- The prerequisites mentioned in System requirements and compatibility must be available to use this feature.
For more information, see Storebrowse for Workspace.
Citrix Enterprise Browser
-
This release includes Citrix Enterprise Browser version 99.1.1.8, based on Chromium version 99. For features or bugs fixes in the Citrix Enterprise Browser, see What’s new in the Citrix Enterprise Browser documentation.
-
Citrix Workspace app now alerts you about closing active browser windows, when you do any of the following in the Citrix Workspace app:
- Sign out from a store
- Switch to a different store
- Add a new store
- Delete the current store
Fixed issues
User interface
- In Citrix Workspace app for Windows, non-admin users might not be able to disable the Data Collection setting through the Advanced Preferences dialog. [RFWIN-26795]
Session/Connection
-
When you restart Microsoft Teams, the existing HdxRtcEngine.exe process might not close and might start a new process. [HDX-40006]
-
During a peer-to-peer call with Microsoft Teams HDX optimization, app window sharing might fail to stop after a high number of start/stop sharing repetitions, and you might not be able to share desktop screen or app window, call, or receive an incoming call until you restart Citrix Workspace app. [HDX-39549]
-
During Give Control session with Microsoft Teams HDX optimization, the remote cursor is drawn slightly offset from its actual position. [HDX-36376]
-
When you access a VDA for the first-time using Citrix Workspace app for Windows version 2112 or later, the following security message might appear:
An Online Application is attempting to access information on a device attached to your computer HDX File Access.
In previous versions, this message was present only during the first access to each published resource in a Delivery Group and not every VDA.
[CVADHELP-19636]
Install, Uninstall, Upgrade
-
When you upgrade Citrix Workspace app for Windows, the following extra registry key might be created:
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WOW6432Node\Citrix
The issue occurs when the auto-update command-line policy is configured.
The TransparentKeyPassthrough registry value in
HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Virtual Channels\Keyboard
isn’t preserved on a 32-bit machine.[CVADHELP-19625]
2204.1
What’s new
Audio redirection enhancement
Improved audio echo cancellation support for all audio codecs including Adaptive audio and all legacy audio codecs.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 98.1.2.20, based on Chromium version 98. For features or bugs fixes in the Citrix Enterprise Browser, see What’s new in the Citrix Enterprise browser documentation.
Microsoft Teams optimization
- App Protection and Microsoft Teams enhancement: Microsoft Teams supports incoming video and screen sharing when Citrix Workspace app for Windows with App Protection enabled is on Desktop Viewer mode only. Published apps in seamless mode don’t render incoming video and screen sharing.
Technical Preview
- Support for an enhanced single sign-on (SSO) experience for web and SaaS apps
For the complete list of Technical Preview features, see the Features in Technical Preview page.
Fixed issues
Session/Connection
-
Citrix ADC appliance might crash when certain conditions are triggered from Citrix Workspace app for Windows. [HDX-39683]
-
In Citrix Workspace app, you might experience intermittent failures when answering or making a Microsoft Teams call. The following error message appears:
Call could not be established.
[HDX-38819]
-
When you try to redirect to the preferred webcam as set in the Citrix Workspace app for Windows, the setting might not be executed as configured.
With this fix, the preferred webcam is the only available webcam in the user session. This fix provides better control when multiple webcams are available in the user session.
[HDX-38214]
-
If Citrix Workspace app is configured to show apps in Desktop and Start menu shortcut folder, then launching apps and desktop session from the Desktop or Start menu post Citrix Workspace app exit might result in failure. [RFWIN-26508]
-
Attempts to add the Citrix Gateway URL might fail intermittently with the following error message:
Authentication Service cannot be contacted.
[CVADHELP-19415]
-
With this fix, you can set TWITaskbarGroupingMode to GroupNone either in
HKEY_CURRENT_USER
orHKEY_LOCAL_MACHINE
. The TWITaskbarGroupingMode key is available under, for example, HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Virtual Channels\Seamless Windows. [CVADHELP-19106]
Install, Uninstall, Upgrade
- When customers use the app personalization service, the Workspace installer might hang while validating the certificate. [RFWIN-21122]
2202
What’s new
Storebrowse support for Workspace [Technical Preview]
Starting from this release, Citrix Workspace app for Windows provides Storebrowse support to Self-Service. This enables Storebrowse users to access Cloud and Workspace features.
Note:
- This feature provides Storebrowse support with single sign-on only.
- The prerequisites mentioned in System requirements and compatibility must be available to use this feature.
For more information, see Storebrowse for Workspace.
Note:
Technical previews are available for customers to test in their non-production or limited production environments, and share feedback. Citrix does not accept support cases for feature previews but welcomes feedback for improving them. Citrix might or might not act on feedback based on its severity, criticality, and importance. It is advised not to deploy Beta builds in production environments.
Citrix Enterprise Browser
For features or bugs fixes in the Citrix Enterprise browser, see What’s new in the Citrix Enterprise browser documentation.
Note:
The system requirements for Citrix Workspace 2202 for Windows have changed as follows:
- Minimum .NET version required is 4.8.
- Minimum VCRedist version required is 14.30.30704.0.
Fixed issues
Install, Uninstall, Upgrade
-
When you upgrade Citrix Workspace app for Windows from Version CU4 to CU5 without installing self-service, the following prompt might appear:
Upgrading from Unsupported Version
Citrix Workspace will automatically uninstall your old version and delete all your settings, which you can restore later. Otherwise you will have to delete everything manually. Click OK to continue.
[CVADHELP-18790]
- Attempt to refresh or launch an app results in the cannot contact store error message. This issue happens when the retrieval of shortcut description for specific subscribed apps fails.
Your apps are not available at this time. Please try again in a few minutes or contact your help desk with this information: cannot contact store.
[CVADHELP-18736]
Session/Connection
- The Print Screen key might not capture screenshots when Citrix Workspace app for Windows with App Protection enabled starts in the background. [RFWIN-25835]
-
Starting a published application through a PNAgent site on StoreFront using Citrix Workspace app for Windows might fail with the following error message:
Cannot start app. Please contact your help desk.
[CVADHELP-19209]
-
Launching sessions from Delivery Groups with an access policy rule specifying the client IP address might fail if the client has multiple NICs.
Rule: Set-BrokerAccessPolicyRule -Name <rulename> -includedClientIPs <Client ip address>
[CVADHELP-18783]
- Shortcuts for published applications through Citrix Workspace app cannot be created without appropriate permissions. As a result, the icons might be downloaded in the user profile at every refresh, increasing the cache size on the endpoints and the CPU consumption in the StoreFront side. [CVADHELP-18609]
- After you configure a store through Group Policy Object or the command, refreshing the self-service UI opened from the notification area or the Start menu might fail. A Cannot contact server message appears. [CVADHELP-19242]
- Virtual Desktop prompts you to enter credentials although domain pass-through is configured. This issue occurs when you launch a virtual desktop from the Citrix Workspace app. [RFWIN-26111]
- In Citrix Workspace app 2112.1, you might experience high CPU utilization on endpoint when webcam is turned on in an optimized Microsoft Teams video call. [HDX-37168]
Known issues
Known issues in 2409
- In some instances, when using Citrix Workspace app version 2409 with RealTime Media Engine (RTME) version 2.9.700, the VDA launch from StoreFront might not be successful. This issue occurs if the updater service is unable to remove the
vcruntime140.dll
andmsvcp140.dll
binaries. To resolve the issue, reboot the endpoint or manually remove or rename thevcruntime140.dll
andmsvcp140.dll
binaries. [RFWIN-36992] - The Desktop Viewer menu might occasionally appear on a different screen than the one currently in use. This behavior can occur randomly when interacting with the viewer menu bar to expand or minimize it. As a workaround, drag the Desktop Viewer to the monitor where the desktop is located. [HDX-73186]
- You might notice that the Connection Details icon text is truncated. As a workaround, hover over the icon. [HDX-73562]
-
If files matching the following patterns are present in the Citrix Workspace app for Windows installation location, they might impact the functionality of the Citrix Workspace app and must be deleted:
msvcp140.dll
vcruntime140.dll
api-ms-win-core*.dll
api-ms-win-crt*.dll
ucrtbase.dll
These files are typically created by RTME or Cisco VDI plugin and deleted as follows:
- For admin mode installations, Citrix Workspace app deletes these files automatically.
- For user mode installations, these files are cleaned up automatically during Citrix Workspace app install, upgrade, auto-update, or uninstall. However, if these files are created by any plugin after Citrix Workspace app installation, they need to be deleted manually. [RFWIN-36920]
- When the device sharing system audio is removed while sound is being played, and the audio switches to a device with a different audio format, the system audio is not heard by the other user. As a workaround, reshare the audio. [HDX-70936]
- The
UpdaterService.exe
might initiate during the installation process when the required .NET files are missing from the system. Therefore, this might cause the installation of Citrix Workspace app to become stuck, as theUpdaterService.exe
fails to proceed. As a workaround, install .NET Desktop Runtime 8.0 or later and then retry the installation [RFWIN-36230]
Known issues in 2405.10
- When Browser Content Redirection (BCR) is enabled, the drop-down menus might fail to render in the browser when the Citrix desktop session is in full-screen mode. As a workaround, use the Citrix desktop session in Windowed mode. [CVADHELP-18385]
Known issues in 2405
-
When Citrix Workspace app uses Fast Connect 3 Credential Insertion API for authentication, you might notice that the
CtxCredApi.dll
, which is used to inject credentials in SSON server, is present only for x64 systems. As a result, you might not be able to use theCtxCredApi.dll
when running on x86 apps. As a workaround, use x64 apps to access theCtxCredApi.dll
. [RFWIN-35818] -
You might fail to customize Citrix Workspace app using App Personalization service. This issue occurs in Citrix Workspace app version 2405 or later. [RFWIN-36015]
-
You might notice that the error messages for the failed sessions in Citrix Workspace app are not displayed correctly. The following text artifacts are observed:
- Instead of the reason for error
%s
is displayed - Error number is displayed twice
You can see the additional details on the error message by searching the transaction ID in Citrix Director (for on-premises sites) or in Citrix Monitor (for cloud sites) console to troubleshoot the issue. [HDX-67197]
- Instead of the reason for error
-
When a new user starts the virtual desktop for the first time, the session window appears small. Also, the window is placed in the upper left of the screen. The issue is observed on certain display devices with high DPI, such as the Microsoft Surface Pro. As a workaround, resize the window manually. The preferred dimensions are retained, and subsequent starts of the same desktop display correctly. [HDX-62297]
Known issue in 2403.1
- In a double-hop scenario, the
ALT +TAB
key might not work on macOS clients. [CVADHELP-23085] - If a full screen HDX session is on focus, and endpoint is locked using
Ctrl+Alt+Del
, users might be unable to type anything after unlocking. [CVADHELP-24512] - H265 444 on Intel might result in artifacts being visible in the session. As a workaround, resize the session or toggle full-screen mode. [HDX-60061]
Known issues in 2403
-
If you have Real-Time Media Engine (RTME) older than 2.9.700 version installed on the end point device, you might fail to open published apps or desktops. This issue occurs on Citrix Workspace app for Windows 2403 and on Citrix Workspace app for Windows 2402 LTSR versions. As a workaround, you can do one of the following:
- If you use Skype for business with the RTME plug-in, upgrade RTME to 2.9.700 version or later.
- If you do not use Skype for business, uninstall HDX Real time pack using the uninstall wizard (add or remove programs) on Windows.
- If you are using Citrix Workspace app for Windows version 2403, upgrade to the 2403.1 version.
For more information, see Knowledge Center article CTX666291. [HDX-63684]
-
If the end user machine has multiple versions of .Net installed, and .Net is upgraded for the version which is not in use by the Citrix Workspace app, the app restarts. [RFWIN-32377]
-
When you’re using a virtual desktop session, the
Ctrl+Alt+Break
keyboard shortcut doesn’t work as expected. This keyboard shortcut is used to access the menu options of the Desktop Viewer toolbar and to toggle between the windowed and the full-screen modes. [RFWIN-31815] -
BCR MSI standalone is currently not supported with non-admin install. [HDX-62636]
-
When a new user starts the virtual desktop for the first time, the session window appears small. Also, the window is placed in the upper left of the screen.
The issue is observed on certain display devices with high DPI, such as Microsoft Surface Pro.
As a workaround, resize the window manually. The preferred dimensions are retained, and when you start the same desktop, it displays correctly. [HDX-62297]
Known issues in 2311.1
- When the name of the audio device is more than 200 characters, the device might fail to redirect to the virtual session. [HDX-58341]
- The Windows Surface touchpad and soft keyboard might not be supported on the Citrix Workspace app sign in screen. This issue occurs when you sign in to a session that is published from Windows VDA in full-screen mode. As as a workaround, open the session in window mode and then sign in to the Citrix Workspace app. [RFWIN-32050]
- Attempts to exit Citrix Workspace app might fail if you have any apps or desktops sessions that are still open. The workaround is to disconnect from all open desktops and apps using the Desktop Viewer toolbar or the connection center before exiting Citrix Workspace app. [HDX-59129]
- You might notice that there is no automatic focus inside the virtual desktop that is opened in full-screen mode. You must click inside the session to regain focus. [RFWIN-32051]
- You might notice visual artifacts when attempting to split the screen or adjust the primary monitor within the Monitor Layout tab on the Preferences screen. [HDX-59798]
-
Sometimes, USB composite devices might not be split automatically even though a correct device redirection rule is set to split the device. This issue occurs because the device is in low power mode. In these instances, the child device that enters low power mode might not be present in the device list. You can use the following workarounds to overcome this issue:
-
Disconnect the session, insert the USB device, and reconnect to the session. Or,
-
Unplug the USB device and plug it back in. This action results in the device moving out of low power mode. [HDX-34143]
-
Known issues in 2309
- You might fail to start sessions if the ICA file or the folder where the ICA file is downloaded is named with Unicode or non-English characters. This issue occurs only when you access and authenticate a store using a browser and then start any app or desktop using native Citrix Workspace app. To mitigate this issue, we recommend that you continue on the Citrix Workspace app for Windows for 2307.1 version until a new version is released. [HDX-55649]
- You might not be able to the sign in to Citrix Workspace app using single sign-on or might not see the authentication prompt in cloud stores. This issue occurs when the account is configured through the GPO or command line for the first time and when the self-service mode is set to false and the Silent authentication to Citrix Workspace policy is enabled. [CVADHELP-22641]
- A jittery movement might be observed in the mouse cursor on Citrix Workspace app when the Use relative mouse setting is enabled. [CVADHELP-21829]
- In certain scenarios, when Citrix Workspace app fails to start apps or desktops, you might get two error messages, where one message appears in a dialog box and the other is a toast notification. [RFWIN-31561]
-
Installation of Citrix Workspace app for Windows version 2309 using the command line might fail if you’ve included a space character in the store name for the
STORE0
parameter. As a workaround, use the store name without spaces while installation as shown in the following example:CitrixWorkspaceApp.exe STORE0="AppStore;https://sales.example.com/Citrix/Store/discovery;on;HR AppStore" <!--NeedCopy-->
[RFWIN-31704]
Known issues in 2305.1
- You might be prompted to enter proxy credentials each time when you start Citrix Workspace app. [RFWIN-26399]
- When you switch from external monitors to a single monitor (for example laptop), the size of Citrix Workspace app menu options, UI text, and dialog boxes might appear smaller than the normal display size. [HDX-47575]
- You might notice a gray screen for a few seconds before the sessions are opened successfully. This issue occurs for cloud stores. It also occurs for on-premises stores when the improved virtual apps desktops launch experience for StoreFront feature, which is in technical preview, is enabled. [RFWIN-30327]
- When connecting through Citrix Gateway, if there is high latency, sessions might fail to connect using EDT and fallback to TCP. If HDX Adaptive Transport policy is set to Diagnostic mode, the sessions might fail to start. [HDX-49878]
Known issues in 2303
- The Citrix Workspace app might stop responding if you have any mouse interaction (mouse action or movements) on the Restore session dialog box. This issue occurs when you start a session after upgrading from the Citrix Workspace app version 2302–2303 and if there are disconnected sessions previously. [RFWIN-29663]
Known issues in 2302
-
You might not be able to use the Bloomberg Terminal application with the Bloomberg Keyboard 5 or Bloomberg Keyboard 2013. This issue occurs when Citrix Workspace app version 2302 is installed on your system with the App Protection feature enabled. As a workaround, upgrade to Citrix Workspace app version 2303 or create the following registry key and reboot the machine:
- Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\epusbfilter
- Value: [DWORD]
- DisableUSBFiltering= 1
[CVADHELP-22221]
Known issues in 2212
-
When the BCRClient.msi cannot be repaired, the following error appears during the Citrix Workspace app installation:
[HDX-46964]
-
Some SaaS apps which have enhanced security OFF fail to open in Citrix Enterprise Browser if Citrix Enterprise Browser is the default browser. [CTXBR-4106]
Known issues in 2210.5
- When you open a published app in seamless mode, other local or seamless apps might appear in the foreground and cover the published app. [CVADHELP-20742]
-
With certain older AMD GPU series, purple video content or flashing screens might be seen with Citrix Workspace app 2206 or newer. As a workaround, modify the following registry:
- Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\ICA Client\Engine\Configuration\Advanced\Modules\GfxRender
- Value: [DWORD]
- ForceVP= 1
[HDX-46264]
Known issues in 2210
- Desktop Viewer toolbar might cover the screen when the desktop is in normal resolution and DPI. [HDX-45206]
- Desktop Viewer toolbar might not appear correctly in the full-screen mode and displays the options in an incorrect order. [HDX-45189]
- The position of the window and size might not be persistent when you reconnect the desktop. [HDX-44997]
Known issues in 2209
No new issues have been observed in this release.
Known issues in 2207
No new issues have been observed in this release.
Known issues in 2206
No new issues have been observed in this release.
Known issues in 2205
-
In Citrix Workspace app for Windows, the Advanced Audio Coding (AAC) supports only a maximum of 6 channels. [CTXBR-2941]
-
When you plug-in an USB device or access files, Citrix Workspace app might show legacy Citrix Workspace - Security Warning dialog. [LCM-10369]
-
Battery status notification and automatic keyboard pop-up dialog might not appear during the session when Automatic keyboard display policy is enabled on the DDC. [HDX-39558]
Known issues in 2204.1
-
Citrix Workspace app for Windows installation in offline mode might fail when installer can’t find Microsoft Edge WebView2 on your system.
As a workaround, install MicrosoftEdgeWebView2RuntimeInstallerX86.exe as an administrator and then try to install Citrix Workspace app for Windows.
[RFWIN-26329]
Known issues in 2202
- Fresh install or update operation of Citrix Workspace app might result in delay for about 10–30 mins. For more information, see Knowledge Center article CTX335639. [RFWIN-25752]
Known issues in 2112.1
- The Print Screen key might not capture screenshots when Citrix Workspace app for Windows with App Protection enabled starts in the background. [RFWIN-25835]
- Fresh install or update operation of Citrix Workspace app might result in delay for about 10–30 mins. For more information, see Knowledge Center article CTX335639. [RFWIN-25752]
- Sign out from Citrix Workspace app for Windows might not succeed when proxy authentication is enabled. [RFWIN-24813]
- If you are using Citrix Workspace app on Microsoft Windows 11 machines, Activity Feed and Actions tabs might be missing. [WSP-13311]
- While using the Citrix Enterprise Browser, you can’t take screenshots of unprotected URL windows even when protected windows are minimized. [CTXBR-1925]
- If you have enabled Browser Content Redirection, you cannot sign into Google Meet. [HDX-34649]
As a workaround:
- Ensure that https://www.youtube.com/* is available in the Access Control List.
- Ensure that https://accounts.google.com/* is in the authentication sites list.
- Sign in to your Google account on any intermediary Google site, for example, YouTube.
- From the same instance of Google Chrome, launch Google Meet.
-
In Citrix Workspace app 2112.1, you might experience high CPU utilization on endpoint when webcam is turned on in an optimized Microsoft Teams video call. As a workaround, create the following registry value on your endpoint:
Computer\HKEY_CURRENT_USER\SOFTWARE\Citrix\HDXMediaStream Name: UseDefaultCameraConfig Type: REG_DWORD Value: 0
[HDX-37168]
-
In Citrix Workspace app, you might experience intermittent failures when answering or making a Microsoft Teams call. The following error message appears:
Call could not be established.
As a workaround, try to re-establish the Microsoft Teams call.
[HDX-38819]
Known issues in 2109.1
No new issues have been observed in this release.
Known issues in 2109
If you’ve installed the Citrix Workspace app with a version earlier than 2109 as a user and the admin installs version 2109, the Entry point not found error message appears if you log back into the device as a user. When you click OK, the message disappears and the Citrix Workspace app is updated to version 2109. [RFWIN-25008]
If your admin has installed external extensions in Google Chrome, the Citrix Enterprise Browser crashes when you open it. [CTXBR-2135]
Known issues in 2108
Sessions fail to launch in the offline mode (Service continuity) on client machines, when the user name has Cyrillic or in east Asian characters. [RFWIN-23906]
Known issues in 2107
No new issues have been observed in this release.
Known issues in 2106
- On stores where the Service continuity feature is enabled, you might not be able to launch resources. The issue occurs with Unicode users. [RFWIN-23439]
- Attempt to redirect a webcam using Citrix Workspace app for Windows that is installed on a VDA, the webcam might fail. [HDX-28691]
Known issues in 2105
- During a session, when you click Check for Updates and updates are downloaded successfully, current sessions aren’t listed in the Download successful dialog. [RFWIN-23152]
Known issues in 2103.1
- The Self-Service plug-in window is blank and no apps are displayed at session launch. The issue occurs when using the Intel Xe Graphics card and because of limitation from the third-party. [CVADHELP-17005]
- Attempts to compose characters in Japanese, Chinese, or Korean IME might not work properly. The composition window appears misplaced and isn’t seamless. This issue doesn’t occur when using virtual apps and desktops sessions and SaaS apps. [RFWIN-21158]
- Attempts to exit Citrix Workspace app might fail. The issue occurs when the user credentials prompt appears repeatedly. [RFWIN-22491]
- After creating a desktop shortcut for an app and restarting the client device, the first attempt to launch the app from the shortcut might fail. The issue occurs when you do not specify the
storedescription
when installing Citrix Workspace app using the command-line interface. [RFWIN-22510] - When you try a peer-to-peer call with Microsoft Teams HDX optimization, calls might fail. This issue occurs if the VDA version is 2103 or lower and the Citrix Workspace app for Windows is 2103 or higher. This issue is fixed in Virtual Delivery Agent (VDA) 2106.
Known issues in 2102
- Attempts to launch an ICA session might fail. The issue occurs when the proxy server uses port 8080 instead of a custom port. [CVADHELP-15977]
- In an application session, when you open an image to scan in Microsoft Paint, both the Microsoft Paint application and the scanning process might become unresponsive. The issue occurs when you launch the session in windowed mode. [RFWIN-21413]
- On machines configured for Azure Active Directory Multifactor Authentication (MFA), the login prompt appears even when the Keep me signed in and Don’t ask again for 60 days options are selected. [RFWIN-21623]
- Attempts to log in to Citrix Workspace app on Azure Active Directory-joined machines might fail. The issue occurs when the authentication prompt doesn’t appear. [RFWIN-21624]
- When you launch a published desktop session, the Self-Service plug-in dialog appears in the foreground. The issue occurs when the Local App Access policy is enabled on the Delivery Controller. [RFWIN-21629]
- Attempts to switch windows using the ALT + Tab keys might result in a blank Citrix Workspace app screen. The issue occurs when you launch the session in windowed mode. [RFWIN-21828]
- If you’re using a webcam or a video in a Microsoft Teams call, the
HDXrtcengine.exe
might turn unresponsive. For a workaround, see Knowledge Center article CTX296639. [HDX-29122]
Known issues in 2012.1
No new issues have been observed in this release.
Known issues in 2012
- If you try to add a protected app to your Favorites, this message might appear, “Your apps aren’t available at this time” When you then click OK, this message appears, “Cannot add app.” After you switch to the Favorites screen, the protected app is listed there, but you can’t remove it from Favorites. [WSP-5497]
- In the Chrome browser with browser content redirection, when you click a link that opens a new tab, the tab might not open. As a workaround, select Always allow pop-ups and redirects in the Pop-ups blocked message. [HDX-23950]
-
Automatic update of Citrix Workspace app from version 2012 to a later version fails with the following error message:
Could not load file or assemble Newtonsoft.Json
The issue occurs only when automatic update is enabled on an admin-installed instance of the Citrix Workspace app.
As a workaround, download Citrix Workspace app Version 2012.1 or later from the Citrix Downloads page and install it manually.
[RFWIN-21715]
- If you launch the app bar and then open the Connection Center menu in Citrix Workspace app for Windows, the app bar doesn’t appear under the server that hosts it. [HDX-27504]
- If you use Citrix Workspace app for Windows and launch the app bar in a vertical position, the bar covers the Start menu or the system tray clock. [HDX-27505]
Legacy documentation
For product releases that have reached End of Life (EOL), see Legacy documentation.
Third-party notices
Citrix Workspace app for Windows might include third-party software licensed under the terms defined in the following document:
Citrix Workspace app for Windows Third-Party Notices (PDF download)