B&B Bezpieczeństwo w biznesie
  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Cyberbezpieczny Samorząd
    • Audyt bezpieczeństwa informacji
      • Testy penetracyjne
      • Testy ataków socjotechnicznych
    • Audyt konfiguracji Fortigate
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • Kontakt

Producent oprogramowania Fortinet, udostępnił najnowszą aktualizację dla FortiClient o oznaczeniu 7.0.2. Nowsza wersja została poprawiona pod względem bezpieczeństwa, dzięki zwiększeniu działania oprogramowania antyransomware, które nie wykrywało plików LockFile. Również zostały skorygowane problemy z synchronizacją FortiClient. Po więcej informacji, zapraszam do dalszej części artykułu.

Wspierane system:

Windows:

  • Microsoft Windows 11 (64-bit)
  • Microsoft Windows 10 (32-bit and 64-bit)
  • Microsoft Windows 8.1 (32-bit and 64-bit)
  • Microsoft Windows 7 (32-bit and 64-bit)

MacOs:

  • macOS Monterey (version 12)
  • macOS Big Sur (version 11)
  • macOS Catalina (version 10.15)

Linux:

  • Ubuntu 18.04 and later
  • CentOS 7.4 and later
  • Red Hat 7.4 and later

Rozwiązane problemy:

Endpoint control

Bug ID Description
742070 FortiClient is stuck syncing and cannot be manually reconnected.
748395 FortiClient (Windows) does not send correct operating system version for Windows 11 and Windows Server 2022.

Malware Protection and Sandbox

Bug ID Description
742383 Antiransomware fails to detect LockFile ransomware.

Upgrade

Bug ID Description
755174 FortiClient (Windows) 7.0.2 online installer cannot upgrade FortiClient (Windows) 7.0.1 to 7.0.2.

Common Vulnerabilities and Exposures

Bug ID Description
637256 FortiClient (Windows) 7.0.2 is no longer vulnerable to the following CVE Reference:

  • CVE-2021-36183

Visit https://fortiguard.com/psirt for more information.
721745 FortiClient (Windows) 7.0.2 is no longer vulnerable to the following CVE Reference:

  • CVE-2021-41028

Visit https://fortiguard.com/psirt for more information.

 

Znane problemy do rozwiązania:

Install and deployment

Bug ID Description
716597 Installation using norestart parameter requests reboot.
737288 Cannot use FortiClient (Windows) with Microsoft Defender using Windows Defender Application Control policy.
752345 'invalid_cert_action' specified in installer is not applied at installation.
756715 EMS defaults Invalid Cert Action to Warn for created FortiClient installer.Workaround: EMS administrator to select Allow for Invalid Cert Action when creating FortiClient installer.

Application Firewall

Bug ID Description
663024 Add VMware Horizon Virtual Desktop Infrastructure Agent signature.
717628 Application Firewall causes issues with Motorola RMS high availability client.

GUI

Bug ID Description
725644 Google social network login does not work properly.
726911 GUI cannot show tags if tag name contains character that needs to be escaped.
742425 Disabling export logs option does not work .
742676 „the exception illegal Instruction error” occurs.
744542 FortiClient (Windows) displays blank SAML login window after accepting security warning.
751299 FortiClient has empty vulnerability details tab.
752349 Invalid certificates action in Settings does not update after receiving updated Endpoint Control profile.
752356 Invalid Certificate Detected alert disappears after 20 seconds without clicking Accept or Deny .

Zero Trust Network Access (ZTNA) connection rules

Bug ID Description
730459 FortiClient certificate serial number in endpoint is incorrect.
733255 FortiClient (Windows) must disconnect and reconnect to EMS to fix access issue when visiting a ZTNA-enabled site.
742103 ZTNA connection rule deletion does not take effect immediately.

Zero Trust Telemetry

Bug ID Description
678388 Active Directory user logoff does not trigger tag message from FortiClient (Windows).
702660 Switching AD users does not modify user details in EMS Endpoints table.
705010 After switching users, FortiClient does not send new user information to EMS, causing the EMS Endpoints pane to show the endpoint with an incorrect username.
714131 Migrating FortiClient to different server fails when connection key is enabled.
721651 When connected to a full VPN to FortiGate, FortiClient sends virtual IP and MAC addresses to EMS.
722199 FortiClient stays in registration progress to FortiClient Cloud and never returns connection result.
724038 Zero Trust tag rule does not work properly for AD-joined devices when endpoints connect to EMS via SSL VPN.
724988 FortiClient uses FortiSASE egress IP address as the public IP address.
731525 FortiClient (Windows) does not detect AV is not up-to-date tagging rule result properly.
736210 FortiGate endpoint record list does not show all IPsec and SSL VPN tunnel entries.
736587 Assignment of vulnerability-related ZTNA tags is inconsistent for endpoints that have same Vulnerability Scan result.
736684 Vulnerable Devices Severity Level tagging rule does not respect selected level.
738813 FortiESNAC process causes high CPU, but issue disappears after removing Zero Trust tagging rules and running Windows updates.

Malware Protection and Sandbox

Bug ID Description
693565 Chrome cannot rename temporary download files because Sandbox agent locks them.
700396 Device driver cannot be loaded (code 38).
709729 realtime_scan log disappears after ten seconds.
729499 Endpoints fail to update AV signatures, causing EMS to consistently send AV out-of-date email notifications.
730054 Allow Admin Users to Terminate Scheduled and On-Demand Scans from FortiClient Console feature does not work as expected.
734012 FortiClient does not respect exclusions if malicious file is detected as riskware.
747481 Antivirus right-click on-demand scan fails.
749331 FortiClient is snoozed in Windows Security in Windows settings due to conflict with FortiEDR.
749348 Performance issues after upgrade.

Remote Access

Bug ID Description
639981 SAML login does not work when PKI group and SAML group are assigned to an SSL VPN policy together.
649426 IPsec and SSL VPN per-application VPN split tunnel does not work properly.
684913 SAML authentication on SSL VPN with realms does not work.
707882 IPsec VPN fails to autoconnect with Failed to launch IPsec service error.
710783 When per-machine and user autoconnect are both configured, per-machine tunnel drops in minutes before logging in to Windows.
710877 SSL VPN with SAML (Azure AD) and two gateways does not work.
711227 Per-user autoconnect starts autoconnect before logging in to Windows.
711402 Per-user autoconnect does not establish, and per-machine autoconnect remains connected after logging in to Windows.
716323 IPsec VPN cannot connect, with no response from GUI.
717512 IPsec VPN disclaimer message present in EMS profile is not present on endpoints, and FortiClient (Windows) does not show a disclaimer.
717913 FortiSASE VPN fails to reestablish after upgrading FortiSASE-related components.
724452 IPsec VPN tunnel with multiple gateways does not connect to the second gateway if the first one is inaccessible when the certificate is used.
724632 FortiClient (Windows) does not send SAML logout event to FortiAuthenticator.
725631 Network interfaces on laptops with Windows 10 stay unavailable after hibernation or sleep.
726249 FortiClient cannot effectively exempt trusted FQDNs from FortiSASE VPN.
726680 VPN clients take 20 seconds to disconnect when using a remote gateway where FQDN is resolved to multiple IP addresses and one is inaccessible.
727695 FortiClient on Windows 10 fails to block SSL VPN when FortiClient (Windows) has prohibit host tag.
729233 FortiSASE Trusted Traffic feature (split tunnel) requires restarting the FortiClient SSL VPN connection to take effect.
731011 FortiClient (Windows) is stuck at 98% connecting to SSL VPN tunnel when integrated with SAML (Azure AD) authentication.
731127 SSL VPN tunnel with SAML login displays Empty username is not allowed. error due to having multiple gateways defined.
731152 FortiClient (Windows) reports that it cannot reach corporate network when SSL VPN is connected.
731912 FortiClient does not register any interface’s IP addresses to the DNS server, when IPsec VPN tunnel is up.
734866 Tunnel with per-machine autoconnect before OS start configured keeps trying to connect after failing to connect to VPN.
735105 Per-machine autoconnect certificate dropdown list also lists certificates in current user store before logging in to Windows.
736353 Multigateway failover does not go back to check previous gateways when failing over to see if they are up.
737798 FortiClient (Windows) does not try to connect with the second gateway if it cannot access the first one.
737964 When connecting to VPN before logging on to Windows, the certificate dropdown list shows multiple ZTNA certificates.
740410 FortiClient (Windows) applies client certificate to unmatched mapping of SSL VPN.
740679 Always-on VPN requires credentials when switching networks.
740725 SSL VPN on OS start does not reestablish following network issues.
742279 FortiClient to FortiGate SSL VPN is stuck during connection with SAML.
742833 Per-machine VPN before logon does not connect after upgrade.
743009 With Azure AD, FortiClient cannot connect SSL VPN using SAML and status is stuck at 98%.
743925 Host check warning prompt cannot display all predefined warning messages.
744020 SSL VPN and Web Filter problems.
744945 VPN before logon cannot connect before Windows logon, causing the Group Policy Object to be unable to commit before logon.
749735 FortiClient (Windows) cannot connect VPN to company network using T-Mobile IPv6 network.
751430 Split tunnel, split DNS, and remote DNS server resolution do not work.
751669 Application-based split tunnel breaks exclusive routing on SSL VPN.
752346 IP address assigned to the SSL VPN NIC in remote user PC and split tunnel routes is not installed.
753531 Windows client connected to VPN does not use targeted DNS servers acquired via DHCP on FortiClient (Windows) VA.
754820 Enabling host check for only the firewall does not work properly.
755510 SSL VPN dual stack does not work if using certificate in local machine.

Vulnerability Scan

Bug ID Description
741459 Vulnerability Scan detects Python as critical/high vulnerability after removal.

Web Filter and plugin

Bug ID Description
657715 FortiProxy fails to start.
734400 Proxy service fails to process HTTPS connections.
740802 Web Filter displays unknown category for many entries in blocklist.
743738 FortiClient should avoid sending delimiter characters inside events.
748250 FortiClient does not detect that Web Filter plugin is stalled and blocks navigation.

Logs

Bug ID Description
704611 FortiClient does not send logs to FortiAnalyzer.
720388 FortiClient fails to provide log for secure Remote Access compliance enforcement.
746181 FortiClient does not generate logs when VPN is blocked due to compliance tag.

 

Notatki producenta: FortiClient 7.0.2

Pozdrawiamy,

Zespół B&B
Bezpieczeństwo w biznesie

Post Views: 1 401

7.0.2 FortiClient FortiClient 7.0.2

Poprzedni artykułESET PROTECT Cloud 3.0.0Następny artykuł FortiAP 7.0.2

Najnowsze

FortiOS 7.0.1630 października 2024
FortiManager 7.6.130 października 2024
FortiAnalyzer 7.4.522 października 2024

Kategorie

  • Acronis
  • Aktualności
  • Bez kategorii
  • ESET
  • F-Secure
  • FortiAnalyzer
  • FortiAP
  • FortiAuthenticator
  • FortiClient
  • FortiDeceptor
  • FORTIGATE
  • FORTIMAIL
  • FortiManager
  • FortiNAC
  • FortiSIEM
  • FORTISWITCH
  • FortiWeb
  • NAKIVO
  • Proget
  • Qnap
  • Stormshield
  • Szkolenia
  • Veeam
  • VMware
  • WithSecure

Tagi

6.0.6 6.2.2 6.2.7 6.4.0 6.4.4 6.4.5 6.4.8 7.0.0 7.0.2 7.0.5 7.2.0 7.2.2 Eset eset endpoint antivirus eset endpoint security ESET Inspect ESET Protect ESET Protect Cloud F-Secure f-secure client security FMG FortiAnalyzer forti analyzer FortiAP fortiap-w2 FortiAuthenticator FortiClient FortiClientEMS forticlient ems FortiGate FortiMail FortiManager FortiNAC Fortinet FortiOS FortiSIEM FortiSwitch FortiWeb vCenter vCenter Server VMware VMware ESXi vmware esxi 8.0 vmware vcenter VMware vCenter Server

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Cyberbezpieczny Samorząd
    • Audyt bezpieczeństwa informacji
      • Testy penetracyjne
      • Testy ataków socjotechnicznych
    • Audyt konfiguracji Fortigate
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • Kontakt

BLOG TECHNICZNY

FortiOS 7.0.1630 października 2024
FortiManager 7.6.130 października 2024
FortiAnalyzer 7.4.522 października 2024

KONTAKT

+48 500-413-313
biuro@b-and-b.plhttps://www.b-and-b.pl
8:00-16:00
RODO | POLITYKA PRYWATNOŚCI
OGÓLNE WARUNKI REKLAMACJI

BEZPIECZEŃSTWO W BIZNESIE 2024 - wszystkie prawa zastrzeżone

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Cyberbezpieczny Samorząd
    • Audyt bezpieczeństwa informacji
      • Testy penetracyjne
      • Testy ataków socjotechnicznych
    • Audyt konfiguracji Fortigate
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • Kontakt

BLOG TECHNICZNY

FortiOS 7.0.1630 października 2024
FortiManager 7.6.130 października 2024
FortiAnalyzer 7.4.522 października 2024

Kontakt

+48 500-413-313
biuro@b-and-b.pl
8:00-16:00
Add new entry logo

Korzystamy z plików cookies lub podobnych technologii, by lepiej dopasować treści na stronie do Twoich potrzeb.
W każdej chwili możesz zmienić ustawienia cookies. Polityka prywatności

Akceptuję Odmów
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
  • Always Active
    Necessary
    Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
  • Marketing
    Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
  • Analytics
    Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
  • Preferences
    Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
  • Unclassified
    Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.