GHOST is the name of a security vulnerability that affects the gethostbyname() C library function. While many Linux systems are affected, the severity of the issue highly depends on the circumstances.
We believe that in NoTouch, the circumstances are low-risk in pure VMware and Citrix environments because an attack would most probably require a prior full hostile takeover of the VDI server environment. If that happens, there is no gain in going after the clients as the attacker already has full access.
In environments where the local Firefox browser is used, different attack vectors exist.
To remove any doubt, we have updated our OS to use glibc 2.19 and produced 2.39.207 that is available for our customers in our download portal (visit www.stratodesk.com/login).
Additionally, we strongly recommend that customers update their management virtual appliances constantly, as is described in our Knowledge Base.