CVE-2014-4700 – Vulnerability in Citrix XenDesktop could result in unauthorized access to another user’s desktop

Description of Problem

A vulnerability has been identified in Citrix XenDesktop that could result in a user gaining unauthorized interactive access to another user’s desktop.

This vulnerability affects a specific, non-default configuration of Citrix XenDesktop 7 (all versions up to and including 7.5), Citrix XenDesktop 5 (up to and including Rollup 5.6.300 for Citrix XenDesktop 5.6 FP1) and Citrix XenDesktop 4 (all versions).

This vulnerability only affects Citrix XenDesktop deployments that use pooled random desktop groups and where the broker configuration setting ShutdownDesktopsAfterUse is set to disabled. Configurations that only use assigned desktop groups, including RemotePC access scenarios and user-dedicated desktops, are not affected by this issue.

This vulnerability has been assigned the following CVE number:

    • CVE-2014-4700: Vulnerability in Citrix XenDesktop versions 7.x, 5.x and 4.x could result in unauthorized access to another user’s desktop.

Mitigating Factors

The configuration setting ShutdownDesktopsAfterUse is enabled by default in configurations that use pooled desktops groups to reset the disk image and clean the desktop. For more details, please see the following Citrix Knowledgebase article:

What Customers Should Do

Updates to Citrix XenDesktop have been released to address this issue. Citrix strongly recommends that affected customers apply these updates as soon as possible.

The hotfixes for Citrix XenDesktop 7.1 and 7.5 can be downloaded from the following locations:

CTX140362 – Hotfix XD710ICAWSWX86005 – For VDA Core Services 7.1/7.5 for Windows Desktop OS (32-bit) – English

CTX140363 – Hotfix XD710ICAWSWX64005 – For VDA Core Services 7.1/7.5 for Windows Desktop OS (64-bit) – English

A VDA Rollup for Citrix XenDesktop 5.6 FP1 can be downloaded from the following location:

CTX138550 – Hotfix Rollup XD560VDAWX86400 (Version 5.6.400) – For Citrix XenDesktop Virtual Desktop Agent Core Services x86 – English

CTX138551 – Hotfix Rollup XD560VDAWX64400 (Version 5.6.400) – For Citrix XenDesktop Virtual Desktop Agent Core Services x64 – English

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at

Reporting Security Vulnerabilities to Citrix

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 – Reporting Security Issues to Citrix


  • No Related Posts

Director Version Matrix – Install or Upgrade compatibility of Director with Delivery Controller, VDA

Important: All new features of Director will be available and work as expected only in combination with the required minimum versions of the Delivery Controller (DC) and the VDA listed below.

Note: This article is applicable to XenApp 6.5 and later, XenDesktop 7 and later.

Director Version Features Dependency

(Min Version required)

1906 Session Auto Reconnect DC 7 1906 and VDA 1906 All
Session startup duration DC 7 1906 and VDA 1903 All
Desktop probing DC 7 1906 and Citrix Probe Agent 1903 Premium
7.9 and later Citrix Profile Management Duration in Profile Load VDA 1903 All
1811 Profile load DC 7 1811 and VDA 1811 All
Hypervisor Alerts Monitoring DC 7 1811 Premium
Application probing DC 7 1811 and Probe Agent 1811 Premium
Microsoft RDS license health DC 7 1811 and VDA 7.16 All
Key RTOP Data display DC 7 1811 and VDA 1808 Premium
1808 Export of Filters data DC 7 1808 and VDA 1808 All
Interactive Session drill down DC 7 1808 and VDA 1808
GPO drill down DC 7 1808 and VDA 1808
Machine historical data available using OData API DC 7 1808
7.18 Application probing DC 7.18 Platinum
Built-in alert policies
Health Assistant link None All
Interactive Session drill-down
7.17 PIV smart card authentication None All
7.16 Application Analytics DC 7.16 || VDA 7.15 All
OData API V.4 DC 7.16 All
Shadow Linux VDA users VDA 7.16 All
Domain local group support None All
Machine console access DC 7.16 All
7.15 Application Failure Monitoring DC 7.15 || VDA 7.15 All
7.14 Application-centric troubleshooting DC 7.13 || VDA 7.13 All
Disk Monitoring DC 7.14 || VDA 7.14 All
GPU Monitoring DC 7.14 || VDA 7.14 All
7.13 Application-centric troubleshooting DC 7.13 || VDA 7.13 Platinum
Transport protocol on Session Details panel DC 7.x || VDA 7.13 All
7.12 User-friendly Connection and Machine failure descriptions DC 7.12 || VDA 7.x All
Increased historical data availability in Enterprise edition Enterprise
Custom Reporting Platinum
Automate Director notifications with SNMP traps Platinum
7.11 Resource utilization reporting DC 7.11 || VDA 7.11 All
Alerting extended for CPU, Memory and ICA RTT conditions DC 7.11 || VDA 7.11 Platinum
Export report improvements DC 7.11 || VDA 7.x All
Automate Director notifications with Citrix Octoblu DC 7.11 || VDA 7.x Platinum
Integration with NetScaler MAS DC 7.11 || VDA 7.x

MAS version 11.1 Build 49.16
7.9 Logon Duration Breakdown DC 7.9 || VDA 7.x All
7.7 Proactive monitoring and alerting DC 7.7 || VDA 7.x Platinum
SCOM integration DC 7.7 || VDA 7.x || SCOM 2012 R2 || PowerShell 3.0 or later* Platinum
Windows Authentication Integration DC 7.x || VDA 7.x All
Desktop and Server OS Usage DC 7.7 || VDA 7.x Platinum

* Director and SCOM server must have the same PowerShell version

Upgrade sequence – XenApp and XenDesktop Components

Illustration of the upgrade sequence is as below. To upgrade all the installed components, run the installer on all the machines containing respective components.

User-added image

Note: Once DC is updated successfully, the Studio will prompt you to upgrade the Site. Complete this step for the new features to be available in Director.

How Do I Articles


  • No Related Posts

Citrix UPS Printers are not visible via Control Panel, Devices And Printers

This is an known issue with printers provided by Citrix Universal Printer server on windows operating systems Windows Server 2019, Windows Server 2016, Windows 10, Windows Server 2012r2, Windows Server 2012.

Citrix is working with Microsoft to correct this interaction between Microsoft operating systems and Citrix universal print server print provider.

Citrix Documentation:

This issue has been documented in our XenApp/XenDesktop documentation since 7.5

  • Universal Print Server printers selected in the virtual desktop do not appear in the Devices and Printers window in Windows Control Panel. However, when users are working in applications, they can print using those printers. This issue occurs only on Windows Server 2012, Windows 2012 R2 , Windows 10 and Windows 8 platforms. [#335153]

Microsoft Documentation:

The Device Setup Manager service is discussed in the following article from Microsoft it applies to both Windows 8 and Windows 2012.

Device setup user experience in Windows 8

Microsoft released a hotfix for server 2012r2 which partially addressed some issues with 3rd party print provider visibility in newer windows releases.

However this was not a complete solution, and printers provided by Citrix Universal Print Server remained not visible.​


  • No Related Posts

IBM’s New Blockchain’s Multicloud Update to Improve interoperability

In Ledger Insights on June 18 report, IBM made an announcement regarding its Blockchain Platform upgrades.

IBM’s new Blockchain Platform will reportedly run on several cloud networks, like Amazon Web Services (AWS) or Microsoft’s Azure.

Besides its previous iteration, this is the main upgrade which is available only via IBM’s cloud. Users will use a container program Kubernetes to access the multicloud platform and effectively scale their blockchain networks.

The interoperability of IBM Blockchain Platform 2.0 is a major advantage of this new multicloud framework. Blockchain participants are able to maintain governance of multiple cloud networks — even where privacy environments differ — through the multicloud platform.

Gari Singh, IBM Blockchain CTO, explained the advantage of this cross-network advantage:

“We want to bring on XYZ company, but XYZ has a contract with Azure or AWS or Oracle,” he said.

“How do we allow those guys to connect up a peer [node] to join the network and how can you support that?” […] We can now actually leverage all the great things that are in Hypeledger Fabric, and we can support you wherever you need to be. And we can also help to support networks that want to work with IBM, but they have other members that don’t.”

IBM’s platform resembles Hyperledger Fabric’s open source blockchain platform but IBM has added ease-of-access tools. These tools will streamline the permissioned network launching process so as to assist in necessary tasks like consensus mechanisms creation and providing governance.

In order to release a blockchain ID platform built on Hyperledger Fabric, IBM had to partner with Câmara Interbancária de Pagamentos, a Brazilian payments non-profit organization.

The released platform — dubbed ‘Device ID,’— authenticates digital signatures that are on mobile devices thereby deterring fraudulent and criminal activities.

Some organizations that intend to use this new blockchain verification platform is the Brazilian Payment System and Nine banks.



  • No Related Posts

Supported Databases for XenApp and XenDesktop Components

Citrix is committed to ensuring that our products function with the latest Microsoft SQL databases. Citrix supplies best efforts to ensure compatibility with upcoming database releases. New versions of supported databases released after our products have been released, must work. However, Citrix recommends creating a test environment to ensure there are no unforeseen issues related to changes made to the new version or update of the third-party product. Individuals wishing to use the new release with current Citrix products must perform their own testing before using the platform. Citrix does not support any BETA versions of third-party products.

This document will be updated periodically as new information becomes available.

What has changed from the last release of the matrix

  • Updated support for Virtual Apps and Desktops (XenApp/XenDesktop) 7 1906
Supported Databases Virtual Apps and Desktops (XenApp/XenDesktop) 7.15LTSR / 1811 / 1903 / 1906 XenApp/XenDesktop 7.6 LTSR Provisioning Services 7.15 LTSR / 1811 / 1903 / 1906 Provisioning Services 7.6 LTSR XenApp 6.5 HRP07
SQL 2017
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes Yes Yes (1) Yes (1) Yes
SQL 2016 SP1, SP2
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes Yes Yes (1) Yes (1) Yes
SQL 2014 SP1, SP2, SP3
x86 Yes Yes Yes (1) Yes (1) Yes
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes Yes Yes Yes Yes
SQL 2012 SP1, SP2, SP3, SP4
x86 Yes Yes Yes (1) Yes (1) Yes
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes Yes Yes Yes Yes
SQL 2012
x86 Yes Yes Yes (1) Yes (1) Yes
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes (2) Yes (2) Yes Yes Yes
SQL 2008 R2 SP2, SP3
x86 Yes Yes Yes Yes Yes
x64 Yes Yes Yes Yes Yes
Express Yes Yes Yes Yes Yes

  1. PVS 7.7 onwards Always ON is supported. PVS 7.11 introduced Multi-subnet Failover
  2. Known issue using SQL 2012 and above with XenDesktop, Refer to article ‘CTX132438 – Unable to Create New XenDesktop Site Using SQL 2012 Server’


  • The x86 and x64 versions of SQL (version 2012 and later) have been validated with Always On, Clustered, Standalone and Mirrored modes.
  • The Express edition has been validated only as Standalone.


IBM Announces New Multicloud Update to Blockchain

IBM has announced upgrades to its Blockchain Platform, according to a report by Ledger Insights on June 18.

The new IBM Blockchain Platform will reportedly be able to run on multiple cloud networks, such as major tech corporation Microsoft’sAzure or Amazon Web Services (AWS).

This is apparently the main upgrade over its previous iteration, which was available solely through IBM’s cloud. The multicloud platform will be available via Kubernetes, a container program that will reportedly allow users to scale their blockchain networks as needed.

One of the main upshots of its new multicloud framework is that IBM Blockchain Platform 2.0 that IBM boasts on its website is its interoperability. According to the website, the multicloud platform lets the blockchain participants provide governance across multiple cloud networks, even those with differing privacy environments.

IBM Blockchain CTO Gari Singh commented on this cross-network advantage, saying:

“We want to bring on XYZ company, but XYZ has a contract with Azure or AWS or Oracle,” he said. “How do we allow those guys to connect up a peer [node] to join the network and how can you support that?” […] We can now actually leverage all the great things that are in Hypeledger Fabric, and we can support you wherever you need to be. And we can also help to support networks that want to work with IBM, but they have other members that don’t.”

According to the report, IBM’s platform is a variation on the open source blockchain platform Hyperledger Fabric, which is fundamentally the same but with the addition of ease-of-access tools provided by IBM. The tools reportedly streamline the process of launching a permissioned network, assisting with necessary tasks such as assigning governance and creating consensus mechanisms.

As previously reported by Cointelegraph, IBM recently partnered with Brazilianpayments non-profit Câmara Interbancária de Pagamentos to release a blockchain ID platform built on Hyperledger Fabric.

The platform, called “Device ID,” will reportedly act as an authenticator for digital signatures on mobile devices, presumably aimed at preventing fraud and other criminal activities. Nine banks and the Brazilian Payment System are reportedly set to make use of the new blockchain verification platform.


  • No Related Posts

CSPs and Citrix Content Collaboration

Types of StorageZones

Currently, CSPs are not able to provide hybrid storage to their tenant accounts, i.e. cloud and on-premise StorageZones on the same account. Rather, the CSP can provide exclusively on-premise or cloud storage to each of their tenants.

Multi-Tenant StorageZone: This is a single storage repository, managed by the CSP, which can be shared by an unlimited amount of CSP Content Collaboration tenants. This type of StorageZone is classified as an on premise StorageZone it can be linked to the partner’s cloud blob.

User-added image

Normal or Standard StorageZone: This is a storage repository, managed by the CSP, which is dedicated to one Content Collaboration account. This type of StorageZone is classified as an on premise StorageZone it can be linked to the partner’s cloud blob.

Cloud StorageZone: This is a storage repository managed by Citrix, and not the CSP. This offering for CSPs provides an unlimited of storage to each Content Collaboration tenant.

Getting Started with Reselling Content Collaboration as a CSP

1. Log-in to with partner MyCitrix credentials. Within the main dashboard, select the “Resell” button under the Content Collaboration badge. If the button appears as “Manage” the partner can skip to step #4.

2. Create or Link a Content Collaboration Partner Account: Fill out the necessary fields in order to create a new Content Collaboration partner account or link an existing Content Collaboration partner account. If the partner has an existing Content Collaboration partner account but it doesn’t appear for automatic linking, please contact Citrix Support.

3. Optional – Set up a Multi-Tenant StorageZone: If the CSP decides to provide a Multi-Tenant StorageZone then the CSP needs to ensure the following:

  1. The Multi-Tenant StorageZone needs to be registered and live on the partner’s Content Collaboration account before the CSP creates a Content Collaboration tenant account.

  2. To check that the partner has successfully installed and registered a Multi-Tenant StorageZone to their partner Content Collaboration account, they can check by logging into their partner account from the Content Collaboration web app and navigate to “Admin Settings” >> “StorageZones.” Here, the Multi-Tenant StorageZone should be located under “Partner-Managed” tab.

  3. If their StorageZone is under the “Customer-Managed” tab then they accidentally installed and registered a standard StorageZone (not Multi-Tenant enabled). In order to change their standard StorageZone to a Multi-Tenant StorageZone the partner will have to “Delete this Zone” within the Content Collaboration web app, remove the StorageZone from their designated server, and re-create the StorageZone and run the Multi-Tenant command prompt.

User-added image

4.Create a Content Collaboration Tenant Account: From the partner’s Citrix Cloud customer dashboard, select “Invite or Add.” If the partner would like to add a new Citrix customer they will be prompted to fill out information about their new tenant’s Citrix Cloud account. If the partner would like to invite an existing Citrix Cloud customer to their customer dashboard, they can send them a link. Once that customer receives that link and accepts the terms and conditions of becoming a tenant of the CSP. The partner can then add services to their tenants through the customer dashboard by selecting the three dots by the tenant’s company name, then selecting “Add Service” >> “Content Collaboration.”

  1. The partner will select the primary StorageZone that the Content Collaboration tenant will consume. If they select a Multi-Tenant StorageZone, they are required to specify the existing StorageZone (live, and registered on their Content Collaboration partner account).

  2. Master Admin user information must be specified, and will be added to the tenant’s account, along with a partner admin user.

  3. All tenant accounts receive 1,000 available licenses. The CSP payment model is based on the total number of used licenses, and not on total number of all licenses.

Managing CSP Content Collaboration Tenants

How to Update Tenant Accounts:

A partner admin user is always provisioned on the CSP’s Content Collaboration tenant account. This allows the partner to manage the customer’s account, such as configure account settings, manage employee users, run reports, etc. This partner admin is added to the Super User group within their tenant’s account, giving this user complete access to all files and folders. If the partner does not want access to the customer’s Content Collaboration data, they will need to remove the partner admin user from the Super User group. Once the partner admin is removed from the Super User group then that user will only receive access to files that are specifically shared by other employee users.

  • Change their Content Collaboration subdomain: Any admin user on the Content Collaboration account is able to change the subdomain under “Admin Settings” >> “Company Account Info”
  • Add more licenses: Prior to creating tenant accounts within the partner’s Citrix Cloud account, CSPs had to request an account through an online form. This form allowed partners to specify the amount of licenses on the account. If this is how the CSP created the tenant account and the partner is looking to add licenses to that account, they can submit that type request here . This request will automatically increase the total license count to 1,000 for that tenant account.
  • Change Master Admin user: Request here .
  • Cancel an account: Request here .
  • Convert a trial or POC account to an in-production account: Request here .

Tenant Management:

If the CSP has managed Content Collaboration tenants prior to establishing their Citrix Cloud partner account, then their existing tenants will not appear on their Citrix Cloud customer dashboard. Instead, these tenants will only appear on the partner’s Content Collaboration account under “Admin Settings” >> “Advanced Preferences” >> “Tenant Management.” If “Tenant Management” is not an option, then this particular partner user will need to enable the “Manage Tenants” user permission. There is currently not a way to import or show these existing tenants in the CSP’s Citrix Cloud customer dashboard.If the CSP creates a tenant from within Citrix Cloud, then that tenant will appear in their Citrix Cloud tenant dashboard.

If the CSP has created some tenants via the online form and some via Citrix Cloud, then the partner can easily see all tenants from within the partner’s Content Collaboration account (first bullet).

For Multi-Tenant StorageZones:

Each tenant onboarded to a partner’s Multi-Tenant StorageZone receives their own root-level folder within the StorageZone. The name of the root-level folder is the tenant’s unique Content Collaboration account ID (starts with an “a”).

  • This folder structure, with each tenant having their own root-level folder, ensures that tenant data within their Content Collaboration account is separated from other tenants sharing the Multi-Tenant StorageZone. Tenant end-users will only have access files and folders created and uploaded within their own Content Collaboration account.

For CSP reporting (i.e. payment model):

CSPs are required to report on the amount of used licenses by their Content Collaboration tenants to their preferred Citrix distributor. For directions on capturing the accurate number of licenses for monthly reporting:

  • If the partner created a Content Collaboration tenant within Citrix Cloud: Log-in to the CSP Citrix Cloud account and navigate to the customer dashboard.
  • If the CSP has Content Collaboration created tenants from a third-party online form, rather than Citrix Cloud: Log-in to the CSP Content Collaboration partner account and navigate to “Admin Settings” >> “Advanced Preferences” >> “Tenant Management”
  • Within either of these dashboards, sort the Content Collaboration tenant accounts by “Paid” status.
  • From list of “paid” Content Collaboration tenants, further separate them by storage type and see if they are defaulted to a Citrix-managed cloud StorageZone or a partner-managed on-premise StorageZone.
  • Then, the partner must total up the amount of used licenses from all the “paid” cloud tenants and the “paid” on-premise tenants. The reason for separating the used license count by storage type is because they have different reporting SKUs (and subsequent partner price).
  • Please consult with your preferred Citrix Distributor for reporting SKUs and their pricing, which will be based on the Content Collaboration tenant’s storage type.


  • No Related Posts

Updates to Citrix Workspace app for Windows Prerequisites

  • The following message appears after you install Citrix Workspace app.

    In some scenarios, you must restart your system your system for the installation to complete. Click Yes to restart your system.

    Note: If you click No, the following error message appears when you try to launch Citrix Workspace app. Restart your system to complete the .NET Framework installation and changes to take effect.

    Troubleshooting issues with installing the Microsoft Visual C++ Redistributable

  • Related:

    • No Related Posts

    Citrix MSI Log Analyzer


    The Citrix MSI Log Analyzer is designed to assist with the following scenarios:

    • When failure occurred during install or upgrade or uninstall of XenApp/XenDesktop
    • The Citrix MSI Log Analyzer analyzes the failure and provides helpful info for troubleshooting the issue
    • The Citrix MSI Log Analyzer will also try to point to a knowledge base article helpful to troubleshoot and resolve the issue

    What’s New in v1.2.0.9

    • Added support for Storefront logs
    • Added support for uploading experience metrics through TLS 1.2/TLS 1.1.
    • Minor bug fixes and inputs from the feedback


    The user needs to be a Local Administrator on the target machine in order to run the tool.

    How to use Citrix MSI Log Analyzer

    The Citrix MSI Log Analyzer is a standalone executable file and does not require installation. Just download the tool to a local folder and execute the application.

    Citrix MSI Log Analyzer offers various command line to deal with different use cases.

    1. To analyze the failure in the msi log file:

      CitrixMSILogAnalyzer.exe -msilogfile <msi log file path>

      Look for MSI log file under %TEMP%CitrixXenDesktop InstallerMSI Log files” folder and specify the absolute path of the failing msi log file in the above command line.

    2. To analyze the failure from the XenApp/XenDesktop Metainstaller log file::

      CitrixMSILogAnalyzer.exe -metainstallerlogfolder <metainstaller log folder path>

      Example: CitrixMSILogAnalyzer.exe -metainstallerlogfolder “C:UsersxxxxAppDataLocalTempCitrixXenDesktop Installer” where xxxx is the admin user name specific to the user environment

    3. To analyze Citrix XenApp/XenDesktop failure log file under temp folder


      This option is useful to run the tool on the target machine where the MSI installation failure happened and one is not sure on where to look for msi failure log file.

    4. To view help:

      CitrixMSILogAnalyzer.exe -help

    Note: In order to improve Citrix XenApp/XenDesktop and Citrix MSI Log Analyzer, the troubleshooting data not containing any identifiable information from the tool is uploaded to Citrix. This can be controlled using –upload [Yes | No]

    Output from the tool

    The output of the tool on the console provides:

    1. Troubleshooting info of the actual error

    2. CTX article to troubleshoot or resolve the issue

    3. Log file saved under %TEMP% with prefix mLog_*.txt. The exact name and path is displayed in the output.

    Delete Citrix MSI Log Analyzer

    Delete the downloaded executable from the current directory. One may also cleanup mLog_*.txt files under %TEMP% directory

    Contact Information:

    Questions? Concerns? Send any feedback to:


    These software applications are provided to you as is with no representations, warranties or conditions of any kind. You may use and distribute it at your own risk. CITRIX DISCLAIMS ALL WARRANTIES WHATSOEVER, EXPRESS, IMPLIED, WRITTEN, ORAL OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT. Without limiting the generality of the foregoing, you acknowledge and agree that (a) the software application may exhibit errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the software application fully functional; and (c) Citrix may, without notice or liability to you, cease to make available the current version and/or any future versions of the software application. In no event should the code be used to support of ultra-hazardous activities, including but not limited to life support or blasting activities. NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES WHATSOEVER ARISING FROM USE OF THE SOFTWARE APPLICATION, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. You agree to indemnify and defend Citrix against any and all claims arising from your use, modification or distribution of the code.