Fortinet black logo

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved issues

The following issues have been fixed in version 6.4.2. For inquiries about a particular bug, contact Customer Service & Support.

GUI

Bug ID

Description

667351

FortiClient (Windows) reports unlicensed VPN access is available until 2106 after FortiClient free VPN license expires.

668202 Remove application control from GUI.

670848

FortiClient (Windows) hides Remote Access tab if user uses EMS-generated forticlient.msi and forticlient.mst for installation.

681751

Japanese localization update.

Install and deployment

Bug ID

Description

641680 update_task.exe in FortiClient Single Sign On standalone installation folder.
659461 Add support for upgrade to 6.4.2.

672658

Reboot loop when upgrading FortiClient.

Endpoint control

Bug ID Description

573979

FortiClient does not register to FortiClient Cloud when Windows is outdated.

615280

FortiClient (Windows) shows dynamic IP address first in record list but ultimately changes to PC Ethernet IP address.

635068 FortiClient (Windows) should not send user information in each keepalive (KA).

657208

EMS fails to push assigned on-fabric detection rules to endpoint.

660860 Connection key prompt appears if client reboots before enabling key in EMS.
661056 FortiClient (Windows) does not import registration keys from configuration files.

661107

FortiClient (Windows) sends avatar every KA.

661436 FortiESNAC is stuck syncing.

661436

FortiESNAC gets stuck syncing.

661668 FortiClient does not send correct encoding to EMS.

666649

FortiClient (Windows) stops EMS registration attempts when EMS is unreachable.

667269

FortiClient (Windows) fails to match the exact group with the defined Active Directory (AD) group under Zero Trust tagging rules.

670671

Diacritics show incorrectly in endpoint summary detail in EMS.

672914

FortiClient endpoint control issues affect EMS performance.

674300

Incorrect and duplicate NWIFS values.

Logs

Bug ID

Description

662803

Not normalized AV engine and signature versions separated logs fields.

666410

Some clients do not generate endpoint control log for FortiAnalyzer.

681265 Endpoint does not send updated user information to EMS.

Application Firewall

Bug ID

Description

670029 Firewall alerts are incorrectly formatted.

681606

Actions in Japanese.

Malware Protection and Sandbox

Bug ID

Description

595951

FortiSandbox does not send username to Sandbox server.

643118 fcaptmon crashes when reading certain files.
647960 FortiClient fails to detect AV signature is updated rule with McAfee.

651329

Ransomware uses script to render FortiClient (Windows) unusable.

653714 AntiExploit event shows under antivirus events.
655366 Sandbox inspection does not work with Microsoft Edge.

668098

Antiransomware fails to work after timeout.

Remote Access

Bug ID

Description

522348

IPsec VPN IKEv2 does not disconnect when wi-fi is not connected.

537299

FortiClient (Windows) does not use correct SSL VPN split DNS server.

646886

exclusive-routing in vpn.ssl.settings does not work.

647400

FortiClient does not show username and other information when using certificate authentication.

647645

Password renewal breaks if the new password contains Unicode characters.

648876

When connecting VPN before logon, tunnel that requires certificate and configured with certificate filter fails to connect.

650009

IPv6 route that IPsec VPN pushes has higher metric than wireless interface.

651127

FortiClient fails to connect to SSL VPN when using SAML authentication with PingID as the identity provider.

660902

FortiClient cannot connect to VPN when push tokens are enabled and certificate is untrusted.

660925

EMS-registered FortiClient cannot log in to VPN after enabling sslvpn-ems-sn-check on corporate firewall for remote users with two-factor authentication.

661731

SSL VPN with multiple gateways and two-factor authentication (2FA) fails to work.

663875

FortiClient (Windows) does not honor remoteauthtimeout or login-timeout from FortiOS with SAML authentication.

665426

SAML SSL VPN in tunnel mode is broken when using AD Federation Services and Duo 2FA solution.

665641

FortiClient (Windows) tries to autoconnect when autoconnect is disabled.

667351

FortiClient (Windows) reports unlicensed VPN access is available until year 2106 after free VPN license expires.

672516

SSL VPN host check validation does not work for SAML SSO user.

672662

IPsec VPN tunnel disconnects automatically less than one minute after it is up.

673414

Saving password for an SSL VPN tunnel does not work.

674716

SSL VPN using certificate only does not complete following a reboot with a three to four minute delay.

675703

RSA manual token code entry does not work.

677752

GUI does not show Always Up.

678175

FortiClient (Windows) exports unencrypted SSL VPN passwords.

680885

FortiClient (Windows) fails to connect to FortiSASE VPN due to serial number check failure.

Web Filter and plugin

Bug ID

Description

620169 Installing Web Filter plugin only tries to install Chrome plugin.
644776 Web Filter plugin fails to block file download with exclusion list.

645770

Disabling Client Web Filtering When On-Net disables Safe Search even when off-net.

Vulnerability Scan

Bug ID

Description

598242 FortiClient must provide a way to let user clean up vcm scan log history.

Other

Bug ID

Description

577549

clientfeature=unknown logged for cloud-based malware protection.

631826

FortiDeviceGuard.sys with FortiClient causes blue screen of death (BSOD).

634300

Windows crashes due to fortips.sys process.

639249

FortiClient logs show repeated CBBS Callhome failed entries.

663604

FCDBLog.exe crashes in autotest system.

664323

BSOD occurs on Windows 7 x86.

668086

FortiClient (Windows) reaches a state where FCConfig process keeps starting and stopping.

681644

Change FortiClient (Windows) full version VPN expiry days from 3 to 30.

Resolved issues

The following issues have been fixed in version 6.4.2. For inquiries about a particular bug, contact Customer Service & Support.

GUI

Bug ID

Description

667351

FortiClient (Windows) reports unlicensed VPN access is available until 2106 after FortiClient free VPN license expires.

668202 Remove application control from GUI.

670848

FortiClient (Windows) hides Remote Access tab if user uses EMS-generated forticlient.msi and forticlient.mst for installation.

681751

Japanese localization update.

Install and deployment

Bug ID

Description

641680 update_task.exe in FortiClient Single Sign On standalone installation folder.
659461 Add support for upgrade to 6.4.2.

672658

Reboot loop when upgrading FortiClient.

Endpoint control

Bug ID Description

573979

FortiClient does not register to FortiClient Cloud when Windows is outdated.

615280

FortiClient (Windows) shows dynamic IP address first in record list but ultimately changes to PC Ethernet IP address.

635068 FortiClient (Windows) should not send user information in each keepalive (KA).

657208

EMS fails to push assigned on-fabric detection rules to endpoint.

660860 Connection key prompt appears if client reboots before enabling key in EMS.
661056 FortiClient (Windows) does not import registration keys from configuration files.

661107

FortiClient (Windows) sends avatar every KA.

661436 FortiESNAC is stuck syncing.

661436

FortiESNAC gets stuck syncing.

661668 FortiClient does not send correct encoding to EMS.

666649

FortiClient (Windows) stops EMS registration attempts when EMS is unreachable.

667269

FortiClient (Windows) fails to match the exact group with the defined Active Directory (AD) group under Zero Trust tagging rules.

670671

Diacritics show incorrectly in endpoint summary detail in EMS.

672914

FortiClient endpoint control issues affect EMS performance.

674300

Incorrect and duplicate NWIFS values.

Logs

Bug ID

Description

662803

Not normalized AV engine and signature versions separated logs fields.

666410

Some clients do not generate endpoint control log for FortiAnalyzer.

681265 Endpoint does not send updated user information to EMS.

Application Firewall

Bug ID

Description

670029 Firewall alerts are incorrectly formatted.

681606

Actions in Japanese.

Malware Protection and Sandbox

Bug ID

Description

595951

FortiSandbox does not send username to Sandbox server.

643118 fcaptmon crashes when reading certain files.
647960 FortiClient fails to detect AV signature is updated rule with McAfee.

651329

Ransomware uses script to render FortiClient (Windows) unusable.

653714 AntiExploit event shows under antivirus events.
655366 Sandbox inspection does not work with Microsoft Edge.

668098

Antiransomware fails to work after timeout.

Remote Access

Bug ID

Description

522348

IPsec VPN IKEv2 does not disconnect when wi-fi is not connected.

537299

FortiClient (Windows) does not use correct SSL VPN split DNS server.

646886

exclusive-routing in vpn.ssl.settings does not work.

647400

FortiClient does not show username and other information when using certificate authentication.

647645

Password renewal breaks if the new password contains Unicode characters.

648876

When connecting VPN before logon, tunnel that requires certificate and configured with certificate filter fails to connect.

650009

IPv6 route that IPsec VPN pushes has higher metric than wireless interface.

651127

FortiClient fails to connect to SSL VPN when using SAML authentication with PingID as the identity provider.

660902

FortiClient cannot connect to VPN when push tokens are enabled and certificate is untrusted.

660925

EMS-registered FortiClient cannot log in to VPN after enabling sslvpn-ems-sn-check on corporate firewall for remote users with two-factor authentication.

661731

SSL VPN with multiple gateways and two-factor authentication (2FA) fails to work.

663875

FortiClient (Windows) does not honor remoteauthtimeout or login-timeout from FortiOS with SAML authentication.

665426

SAML SSL VPN in tunnel mode is broken when using AD Federation Services and Duo 2FA solution.

665641

FortiClient (Windows) tries to autoconnect when autoconnect is disabled.

667351

FortiClient (Windows) reports unlicensed VPN access is available until year 2106 after free VPN license expires.

672516

SSL VPN host check validation does not work for SAML SSO user.

672662

IPsec VPN tunnel disconnects automatically less than one minute after it is up.

673414

Saving password for an SSL VPN tunnel does not work.

674716

SSL VPN using certificate only does not complete following a reboot with a three to four minute delay.

675703

RSA manual token code entry does not work.

677752

GUI does not show Always Up.

678175

FortiClient (Windows) exports unencrypted SSL VPN passwords.

680885

FortiClient (Windows) fails to connect to FortiSASE VPN due to serial number check failure.

Web Filter and plugin

Bug ID

Description

620169 Installing Web Filter plugin only tries to install Chrome plugin.
644776 Web Filter plugin fails to block file download with exclusion list.

645770

Disabling Client Web Filtering When On-Net disables Safe Search even when off-net.

Vulnerability Scan

Bug ID

Description

598242 FortiClient must provide a way to let user clean up vcm scan log history.

Other

Bug ID

Description

577549

clientfeature=unknown logged for cloud-based malware protection.

631826

FortiDeviceGuard.sys with FortiClient causes blue screen of death (BSOD).

634300

Windows crashes due to fortips.sys process.

639249

FortiClient logs show repeated CBBS Callhome failed entries.

663604

FCDBLog.exe crashes in autotest system.

664323

BSOD occurs on Windows 7 x86.

668086

FortiClient (Windows) reaches a state where FCConfig process keeps starting and stopping.

681644

Change FortiClient (Windows) full version VPN expiry days from 3 to 30.