B&B Bezpieczeństwo w biznesie
  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Bezpieczeństwo w biznesie
    • Audyt bezpieczeństwa informacji
      • Testy penetracyjne
      • Testy ataków socjotechnicznych
    • Audyt konfiguracji Fortigate
    • Prezentacje
    • Wdrożenia sprzętowe
    • Wdrożenia SZBI
  • Blog techniczny
  • Pomoc
  • Kariera
  • Kontakt

FortiMail 7.6.4 koncentruje się na kluczowych poprawkach bezpieczeństwa, zwiększając ochronę danych i stabilność systemu. W tej wersji naprawiono m.in. podatność na SQL Injection, CRLF Injection oraz przechowywanie wrażliwych danych w postaci niezaszyfrowanej, co wzmacnia mechanizmy kontroli dostępu i zabezpiecza system przed nieautoryzowanym ujawnieniem informacji. Więcej informacji poniżej.

Rozwiązane problemy:

Antispam/antivirus

Bug ID Description
1165264 Embedded URLs in PDF attachments are not detected.
1172602 Files with .emf extension are incorrectly detected as application/zip files.
1163240 Email with image attachment is blocked by the content profile as password-protected file.
1184804 Wrong MIME type detection.
1183090 JPEG files are incorrectly detected as RAR files.
1200245 When sender address rate control reaches the limit and some email are in the FortiSandbox queue , FortiMail receives NoResult from FortiSandbox.
1199314 Invisible malicious URLs may not be detected.
1191454 Replacement message action in the content profile action does not work properly.
1194912 SPF check fails due to unknown modifiers.
1189764 Decompressed files with big size are not scanned or sent to quarantine.

Email delivery

Bug ID Description
1180692 Fail to open encrypted email notification link after going through a third party security inspection.
1191404 Need to add missing HEADER FROM value.
110142 In some cases, email is modified even though Deliver to original host is set as Unmodified copy.

System

Bug ID Description
1160450 When generating a certificate signing request (CSR), FortiMail does not add the X509v3 Subject Alternative Name (SAN) extension to the request.
1164834 After upgrading to v7.6.3 release, the HA pair is out of synchronization.
1163747 High CPU usage caused by mailfilterd.
1181505 High CPU usage without known reasons.
1209753 High CPU usage caused by DLP profiles.
1186768 IP address with port indication is not supported in email archiving destination.
1173175 Legitimate email caught by Intelligent Analysis.
1182035 In some cases, a block list entry may be missing in HA mode.
1195444 For FIPS-CC purpose, LDAPS needs to drop the non-approved and non certified algorithms / TLS versions.
1198879 Disabling use of non-FIPS approved algorithms in IBE, S/MIME, and SNMPv3.
1181436 Some disclaimer variables may not work properly.
1161849 After upgrading v7.4.3 to v7.6.3, the system began crashing intermittently with the error message: Failed to boot default entries.
1197184 Changing prohibited terms or dictionary profilesmay cause system freeze.
1189587 UNSEEN error returned from FortiSandbox.

Logs and reports

Bug ID Description
1168320 Database error executing message in antispam logs.
1157617 In some cases, the miglogd process may run into a dead loop.

Administrator GUI/webmail

Bug ID Description
1198315 Older JQuery-UI version is used.
1176950 Under Security > URL Filter > Profile, the total ref number does not display correctly.
1196837 In ForitMail webmail, encrypted email for Zoom session links is replaced with .ICS file attachment.
1194351 Character T and Z appear in FortiMail clawback timestamp for Quarantine Summary email template.
1195458 A report with a comma „,” in its name cannot be generated or deleted.

Common Vulnerabilities and Exposures

FortiMail 7.6.4 is no longer vulnerable to the following CVE/CWE-References.

Visit https://fortiguard.com/psirt for more information.

Bug ID Description
1189174 CWE-358: Improperly Implemented Security Check for Standard
1174554 CWE-93: Improper Neutralization of CRLF Sequences (’CRLF Injection’)
1173145 CWE-312: Cleartext Storage of Sensitive Information
1173144 CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere
1169607 CWE-89: Improper Neutralization of Special Elements used in an SQL Command (’SQL Injection’)

Notatki producenta: FortiMail 7.6.4

Pozdrawiamy,

Zespół B&B
Bezpieczeństwo w biznesie

Post Views: 8

7.6.4 FortiMail FortiMail 7.6.4 Fortinet

Poprzedni artykułFortiManager 7.4.8

Najnowsze

FortiMail 7.6.423 października 2025
FortiManager 7.4.830 września 2025
FortiClient EMS 7.2.1230 września 2025

Kategorie

  • Acronis
  • Aktualności
  • Bez kategorii
  • ESET
  • F-Secure
  • FortiAnalyzer
  • FortiAP
  • FortiAuthenticator
  • FortiClient
  • FortiDeceptor
  • FORTIGATE
  • FORTIMAIL
  • FortiManager
  • FortiNAC
  • FortiSIEM
  • FORTISWITCH
  • FortiWeb
  • NAKIVO
  • Proget
  • Qnap
  • Stormshield
  • Szkolenia
  • Veeam
  • VMware
  • WithSecure

Tagi

6.0.6 6.2.2 6.2.7 6.4.0 6.4.4 6.4.5 6.4.8 7.0.0 7.0.2 7.0.5 7.2.0 7.2.2 ems Eset eset endpoint antivirus eset endpoint security ESET Inspect ESET Protect ESET Protect Cloud F-Secure FMG FortiAnalyzer forti analyzer FortiAP fortiap-w2 FortiAuthenticator FortiClient FortiClientEMS forticlient ems FortiGate FortiMail FortiManager FortiNAC Fortinet FortiOS FortiSIEM FortiSwitch FortiWeb vCenter vCenter Server VMware VMware ESXi vmware esxi 8.0 vmware vcenter VMware vCenter Server

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Bezpieczeństwo w biznesie
    • Audyt bezpieczeństwa informacji
      • Testy penetracyjne
      • Testy ataków socjotechnicznych
    • Audyt konfiguracji Fortigate
    • Prezentacje
    • Wdrożenia sprzętowe
    • Wdrożenia SZBI
  • Blog techniczny
  • Pomoc
  • Kariera
  • Kontakt

BLOG TECHNICZNY

FortiMail 7.6.423 października 2025
FortiManager 7.4.830 września 2025
FortiClient EMS 7.2.1230 września 2025

KONTAKT

biuro@b-and-b.plhttps://www.b-and-b.pl
8:00-16:00
RODO | POLITYKA PRYWATNOŚCI
OGÓLNE WARUNKI REKLAMACJI

BEZPIECZEŃSTWO W BIZNESIE 2025 - wszystkie prawa zastrzeżone

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Bezpieczeństwo w biznesie
    • Audyt bezpieczeństwa informacji
      • Testy penetracyjne
      • Testy ataków socjotechnicznych
    • Audyt konfiguracji Fortigate
    • Prezentacje
    • Wdrożenia sprzętowe
    • Wdrożenia SZBI
  • Blog techniczny
  • Pomoc
  • Kariera
  • Kontakt

BLOG TECHNICZNY

FortiMail 7.6.423 października 2025
FortiManager 7.4.830 września 2025
FortiClient EMS 7.2.1230 września 2025

Kontakt

+48 500-413-313
biuro@b-and-b.pl
8:00-16:00

Korzystamy z plików cookies lub podobnych technologii, by lepiej dopasować treści na stronie do Twoich potrzeb. W każdej chwili możesz zmienić ustawienia cookies. Polityka prywatności

Odmów
Akceptuję
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
  • Necessary
    Always Active
    Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

  • Marketing
    Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

  • Analytics
    Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

  • Preferences
    Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

  • Unclassified
    Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.