Producent oprogramowania Fortinet opublikował aktualizację dla produktu FortiClient 7.2.3 (Windows) w której zostało rozwiązane kilka problemów występujących we wcześniejszych wersjach. Spośród nich można wymienić problemy z zasadami połączenia ZTNA takie jak nie działająca lista portów w regule przekierowania TCP ZTNA dla scenariusza z portalem, symbolem wieloznacznym i listą portów. Więcej informacji można znaleźć w artykule poniżej.

Rozwiązane problemy :

ZTNA connection rules

Bug ID	Description
926403	Ports list does not work in ZTNA TCP forwarding rule for scenario with EMS rule or scenario with portal, wildcard, and ports list.
957442	Zero trust network access (ZTNA) destination does not work with and without ZTNA tag attached to FortiGate ZTNA rules.
966169	ZTNA does not work when Fortinet Security Fabric connector is connected to FortiGate on FortiOS 7.4.1 with virtual domains.

Web Filter and plugin

Bug ID	Description
812794	Downloads are canceled in Firefox when Web Filter extension is enabled.
932019	Bypass Private IP does not work on Edge and Chrome.
967191	YouTube videos do not play if Web Filter extension is enabled.

GUI

Bug ID	Description
795350	Multiple FortiTray icons display in Windows system tray.
949939	JavaScript error occurs in main process.

Endpoint control

Bug ID	Description
821024	FortiClient (Windows) fails to send username to EMS and causes EMS to report it as having a different user.
926631	Duplicate users show in EMS and FortiClient (Windows) does not intermittently send user update.

Application Firewall

Bug ID	Description
848280	Application-based split tunnel does not work.
940481	Antivirus and Firewall features cause network problems.

FSSOMA

Bug ID	Description
935090	Single sign-on mobility agent (SSOMA) stops sending SSO session information to FortiAuthenticator while service runs on host.

Install and upgrade

Bug ID	Description
955824	Free VPN-only agent does not include SSOMA registry value if it was upgraded free VPN-only agent 7.0, which does not include SSOMA.
957228	Status sentence is incomplete on deployment wizard when FortiClient (Windows) requests reboot during deployment.

Logs

Bug ID	Description
811746	FortiClient (Windows) sends duplicated and old logs to FortiAnalyzer.
876810	FortiClient does not indicate vpnuser in logs when connection succeeds.
962704	FortiClient floods FortiAnalyzer with SYN packets.
966018	FortiClient uploads logs more frequently than its configured upload interval.

Zero Trust tags

Bug ID	Description
957469	Zero Trust tag for Windows CA certificate does not work.
976374	CURRENT_USER registry tag does not work.

Vulnerability Scan

Bug ID	Description
956805	FortiClient EMS shows Scheduled as patch status for critical FortiClient EMS Microsoft Office Memory Corruption Vulnerability, but it is not fixed with next telemetry communication.

Remote Access

Bug ID	Description
793668	ipsec.exe crashes with split tunnel and application-based exclude configuration.
819279	When using FortiClient with Realtek Windows 11 drivers, FortiClient (Windows) cannot establish an IPsec VPN tunnel.
858806	IKE/IPsec VPN sends the same token code multiple times within a second.
876607	FortiClient (Windows) on Windows 11 cannot connect to IPsec VPN when using Ethernet connection.
884348	DTLS in SSL VPN does not work with SAML.
889638	SSL VPN push prompt does not disappear after push approval.
905443	Race condition between Windows autologin and autoconnect blocks FortiClient from automatically connecting to IPsec VPN.
912980	IPsec VPN fails to connect if vpn-ems-sn-check is enabled and FortiClient is registered to custom EMS site.
936354	FortiClient (Windows) cannot connect to SSL VPN with Azure SAML when Microsoft Entra ID (formerly known as Azure Active Directory) autologin is enabled.
942104	Connecting to SSL VPN with multifactor authentication set for user using FortiToken Mobile stops at 98% and does not complete the connection.
945888	When using VPN before logon, there is no one-time password (OTP) token request prompt if using FortiToken Mobile with FortiAuthenticator for OTP.
947381	With <prefer_sslvpn_dns> set to 0, when SSL VPN is up, FortiClient adds dns-suffix to all network interfaces.
948611	With customized host check fail warning off and ZTNA tags assigned, FortiClient (Windows) shows empty warning when trying to establish VPN.
949945	Network lockdown blocks FortiClient Cloud telemetry.
953214	FortiClient cannot update from 7.0.7 to 7.2.1 when deployed from EMS.
955248	SSL VPN does not work with local machine certificate-based tunnel when initiated from FortiTray.
956202	FortiClient (Windows) reaches a status that cannot connect after updating a VPN tunnel without a certificate to have a certificate.
960369	When the SSL VPN disconnects, FortiClient (Windows) automatically adds backslash sign to username.
961087	Blue screen of death (BSOD) occurs after installing FortiClient and connecting to SSL VPN.
962287	SSL VPN reaches infinite loop that keeps trying to connect to SSL VPN but fails.
963039	SslvpnAgent: Pipe is broken for writing.
965016	FortiClient does not connect to IPsec VPN when adding a second remote gateway.

Malware Protection and Sandbox

Bug ID	Description
940272	Antivirus and Sandbox settings do no allow user to copy files to a share folder.
946390	Real-time Protection blocks Word and Excel file access from network shared drive (network-attached storage).
952073	Windows notification about virus protection is out -of-date and has a red icon on Windows Security Center.
953905	FortiClient does not display Malware Protection tab when installer only includes antiransomware.

Zero Trust telemetry

Bug ID	Description
917708	FortiClient cannot connect to EMS if installed on same machine.
952565	FortiClient does not show error after reconnecting with deleted invitation code.

Other

Bug ID	Description
915119	FortiClient requires further localization into supported languages.
942082	FortiClient causes Windows 10 BSOD ntoskrnl.exe when Cisco AnyConnect VPN is connected.
943967	NETIO.SYS causes BSOD.
964838	FortiClient Cloud French translation for Zero Trust Telemetry is incorrect in FortiClient.
973928	Orchestrator crashes when backing up FA_ESNAC\cloud_client registry values.

Notatki producenta: FortiClient 7.2.3

Pozdrawiamy,

Zespół B&B
Bezpieczeństwo w biznesie

FortiClient 7.2.3 Fortinet