Producent oprogramowania Fortinet, udostępnił najnowszą aktualizację dla FortiClient o oznaczeniu 7.0.2. Nowsza wersja została poprawiona pod względem bezpieczeństwa, dzięki zwiększeniu działania oprogramowania antyransomware, które nie wykrywało plików LockFile. Również zostały skorygowane problemy z synchronizacją FortiClient. Po więcej informacji, zapraszam do dalszej części artykułu.

Wspierane system:

Windows:

• Microsoft Windows 11 (64-bit)
• Microsoft Windows 10 (32-bit and 64-bit)
• Microsoft Windows 8.1 (32-bit and 64-bit)
• Microsoft Windows 7 (32-bit and 64-bit)

MacOs:

• macOS Monterey (version 12)
• macOS Big Sur (version 11)
• macOS Catalina (version 10.15)

Linux:

• Ubuntu 18.04 and later
• CentOS 7.4 and later
• Red Hat 7.4 and later

Rozwiązane problemy:

Endpoint control

Bug ID	Description
742070	FortiClient is stuck syncing and cannot be manually reconnected.
748395	FortiClient (Windows) does not send correct operating system version for Windows 11 and Windows Server 2022.

Malware Protection and Sandbox

Bug ID	Description
742383	Antiransomware fails to detect LockFile ransomware.

Upgrade

Bug ID	Description
755174	FortiClient (Windows) 7.0.2 online installer cannot upgrade FortiClient (Windows) 7.0.1 to 7.0.2.

Common Vulnerabilities and Exposures

Bug ID	Description
637256	FortiClient (Windows) 7.0.2 is no longer vulnerable to the following CVE Reference: CVE-2021-36183 Visit https://fortiguard.com/psirt for more information.
721745	FortiClient (Windows) 7.0.2 is no longer vulnerable to the following CVE Reference: CVE-2021-41028 Visit https://fortiguard.com/psirt for more information.

 

Znane problemy do rozwiązania:

Install and deployment

Bug ID	Description
716597	Installation using norestart parameter requests reboot.
737288	Cannot use FortiClient (Windows) with Microsoft Defender using Windows Defender Application Control policy.
752345	'invalid_cert_action' specified in installer is not applied at installation.
756715	EMS defaults Invalid Cert Action to Warn for created FortiClient installer.Workaround: EMS administrator to select Allow for Invalid Cert Action when creating FortiClient installer.

Application Firewall

Bug ID	Description
663024	Add VMware Horizon Virtual Desktop Infrastructure Agent signature.
717628	Application Firewall causes issues with Motorola RMS high availability client.

GUI

Bug ID	Description
725644	Google social network login does not work properly.
726911	GUI cannot show tags if tag name contains character that needs to be escaped.
742425	Disabling export logs option does not work .
742676	„the exception illegal Instruction error” occurs.
744542	FortiClient (Windows) displays blank SAML login window after accepting security warning.
751299	FortiClient has empty vulnerability details tab.
752349	Invalid certificates action in Settings does not update after receiving updated Endpoint Control profile.
752356	Invalid Certificate Detected alert disappears after 20 seconds without clicking Accept or Deny .

Zero Trust Network Access (ZTNA) connection rules

Bug ID	Description
730459	FortiClient certificate serial number in endpoint is incorrect.
733255	FortiClient (Windows) must disconnect and reconnect to EMS to fix access issue when visiting a ZTNA-enabled site.
742103	ZTNA connection rule deletion does not take effect immediately.

Zero Trust Telemetry

Bug ID	Description
678388	Active Directory user logoff does not trigger tag message from FortiClient (Windows).
702660	Switching AD users does not modify user details in EMS Endpoints table.
705010	After switching users, FortiClient does not send new user information to EMS, causing the EMS Endpoints pane to show the endpoint with an incorrect username.
714131	Migrating FortiClient to different server fails when connection key is enabled.
721651	When connected to a full VPN to FortiGate, FortiClient sends virtual IP and MAC addresses to EMS.
722199	FortiClient stays in registration progress to FortiClient Cloud and never returns connection result.
724038	Zero Trust tag rule does not work properly for AD-joined devices when endpoints connect to EMS via SSL VPN.
724988	FortiClient uses FortiSASE egress IP address as the public IP address.
731525	FortiClient (Windows) does not detect AV is not up-to-date tagging rule result properly.
736210	FortiGate endpoint record list does not show all IPsec and SSL VPN tunnel entries.
736587	Assignment of vulnerability-related ZTNA tags is inconsistent for endpoints that have same Vulnerability Scan result.
736684	Vulnerable Devices Severity Level tagging rule does not respect selected level.
738813	FortiESNAC process causes high CPU, but issue disappears after removing Zero Trust tagging rules and running Windows updates.

Malware Protection and Sandbox

Bug ID	Description
693565	Chrome cannot rename temporary download files because Sandbox agent locks them.
700396	Device driver cannot be loaded (code 38).
709729	realtime_scan log disappears after ten seconds.
729499	Endpoints fail to update AV signatures, causing EMS to consistently send AV out-of-date email notifications.
730054	Allow Admin Users to Terminate Scheduled and On-Demand Scans from FortiClient Console feature does not work as expected.
734012	FortiClient does not respect exclusions if malicious file is detected as riskware.
747481	Antivirus right-click on-demand scan fails.
749331	FortiClient is snoozed in Windows Security in Windows settings due to conflict with FortiEDR.
749348	Performance issues after upgrade.

Remote Access

Bug ID	Description
639981	SAML login does not work when PKI group and SAML group are assigned to an SSL VPN policy together.
649426	IPsec and SSL VPN per-application VPN split tunnel does not work properly.
684913	SAML authentication on SSL VPN with realms does not work.
707882	IPsec VPN fails to autoconnect with Failed to launch IPsec service error.
710783	When per-machine and user autoconnect are both configured, per-machine tunnel drops in minutes before logging in to Windows.
710877	SSL VPN with SAML (Azure AD) and two gateways does not work.
711227	Per-user autoconnect starts autoconnect before logging in to Windows.
711402	Per-user autoconnect does not establish, and per-machine autoconnect remains connected after logging in to Windows.
716323	IPsec VPN cannot connect, with no response from GUI.
717512	IPsec VPN disclaimer message present in EMS profile is not present on endpoints, and FortiClient (Windows) does not show a disclaimer.
717913	FortiSASE VPN fails to reestablish after upgrading FortiSASE-related components.
724452	IPsec VPN tunnel with multiple gateways does not connect to the second gateway if the first one is inaccessible when the certificate is used.
724632	FortiClient (Windows) does not send SAML logout event to FortiAuthenticator.
725631	Network interfaces on laptops with Windows 10 stay unavailable after hibernation or sleep.
726249	FortiClient cannot effectively exempt trusted FQDNs from FortiSASE VPN.
726680	VPN clients take 20 seconds to disconnect when using a remote gateway where FQDN is resolved to multiple IP addresses and one is inaccessible.
727695	FortiClient on Windows 10 fails to block SSL VPN when FortiClient (Windows) has prohibit host tag.
729233	FortiSASE Trusted Traffic feature (split tunnel) requires restarting the FortiClient SSL VPN connection to take effect.
731011	FortiClient (Windows) is stuck at 98% connecting to SSL VPN tunnel when integrated with SAML (Azure AD) authentication.
731127	SSL VPN tunnel with SAML login displays Empty username is not allowed. error due to having multiple gateways defined.
731152	FortiClient (Windows) reports that it cannot reach corporate network when SSL VPN is connected.
731912	FortiClient does not register any interface’s IP addresses to the DNS server, when IPsec VPN tunnel is up.
734866	Tunnel with per-machine autoconnect before OS start configured keeps trying to connect after failing to connect to VPN.
735105	Per-machine autoconnect certificate dropdown list also lists certificates in current user store before logging in to Windows.
736353	Multigateway failover does not go back to check previous gateways when failing over to see if they are up.
737798	FortiClient (Windows) does not try to connect with the second gateway if it cannot access the first one.
737964	When connecting to VPN before logging on to Windows, the certificate dropdown list shows multiple ZTNA certificates.
740410	FortiClient (Windows) applies client certificate to unmatched mapping of SSL VPN.
740679	Always-on VPN requires credentials when switching networks.
740725	SSL VPN on OS start does not reestablish following network issues.
742279	FortiClient to FortiGate SSL VPN is stuck during connection with SAML.
742833	Per-machine VPN before logon does not connect after upgrade.
743009	With Azure AD, FortiClient cannot connect SSL VPN using SAML and status is stuck at 98%.
743925	Host check warning prompt cannot display all predefined warning messages.
744020	SSL VPN and Web Filter problems.
744945	VPN before logon cannot connect before Windows logon, causing the Group Policy Object to be unable to commit before logon.
749735	FortiClient (Windows) cannot connect VPN to company network using T-Mobile IPv6 network.
751430	Split tunnel, split DNS, and remote DNS server resolution do not work.
751669	Application-based split tunnel breaks exclusive routing on SSL VPN.
752346	IP address assigned to the SSL VPN NIC in remote user PC and split tunnel routes is not installed.
753531	Windows client connected to VPN does not use targeted DNS servers acquired via DHCP on FortiClient (Windows) VA.
754820	Enabling host check for only the firewall does not work properly.
755510	SSL VPN dual stack does not work if using certificate in local machine.

Vulnerability Scan

Bug ID	Description
741459	Vulnerability Scan detects Python as critical/high vulnerability after removal.

Web Filter and plugin

Bug ID	Description
657715	FortiProxy fails to start.
734400	Proxy service fails to process HTTPS connections.
740802	Web Filter displays unknown category for many entries in blocklist.
743738	FortiClient should avoid sending delimiter characters inside events.
748250	FortiClient does not detect that Web Filter plugin is stalled and blocks navigation.

Logs

Bug ID	Description
704611	FortiClient does not send logs to FortiAnalyzer.
720388	FortiClient fails to provide log for secure Remote Access compliance enforcement.
746181	FortiClient does not generate logs when VPN is blocked due to compliance tag.

 

Notatki producenta: FortiClient 7.0.2

Pozdrawiamy,

Zespół B&B
Bezpieczeństwo w biznesie

7.0.2 FortiClient FortiClient 7.0.2