Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • (macOS) Release Notes

    Home FortiClient 7.2.5 (macOS) Release Notes
    7.2.5
    7.4.1
    7.4.0
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    5.6.6

    Resolved issues

    Resolved issues

    The following issues have been fixed in FortiClient (macOS) 7.2.5. For inquiries about a particular bug, contact Customer Service & Support.

    Application Firewall

    Bug ID

    Description
    977772 Application Firewall system extension remains active after uninstalling FortiClient (macOS), causing endpoint to lose network connectivity.
    986928 FortiClient displays Blocked (Unknown.Application) notification every few minutes.

    Deployment and installers

    Bug ID

    Description
    764672 FortiClient (macOS) displays deployment window for user when EMS administrator configured unattended installation.
    916436 Initialize VPN system extension was failed error displays after upgrade.
    961137 Zero trust network access (ZTNA) records do not populate in /etc/hosts when administrator deploys FortiClient from Intune.
    982204 Verified endpoint gradually becomes unverified and last seen date is outdated when still connected to EMS.

    Logs

    Bug ID

    Description
    1013268 FortiClient does not send blocked/monitored events to the FortiAnalyzer unless Log All URLs and Log User initiated traffic are enabled.

    Real-time protection

    Bug ID

    Description
    988209 Quarantine Management does not show macOS quarantined files.

    Remote Access

    Bug ID

    Description
    834198 On AWS VM, autoconnect does not work and FortiClient displays Initialize VPN system extension was failed error.
    917898 host-check-policy work as AND operation instead of OR operation.
    941513 When PFS is disabled, DH Group is mandatory.
    965143 When upgrading FortiClient (macOS), SAML cookies are not kept.
    968070 <disallow_invalid_server_certificate> attribute does not parse.
    984150 SAML login window does not appear on the first attempt after clicking Disconnect.
    985070 SSL VPN connection with SAML and Keycloak redirect does not close but connection is up.
    987865 When connecting to SAML SSO VPN, FortiClient (macOS) does not display VPN Connecting.
    999358 FortiClient (macOS) does not hide Save Password, Always up, and Auto-connect checkboxes when disallowed in EMS Remote Access profile.
    1000595 User cannot disable SAML authentication in personal IPsec VPN tunnel.
    1024936 FortiClient cannot sync VPN on connect script properly.

    Remote Access - IPsec VPN

    Bug ID

    Description
    929577 With VPN is up, for redundant remote gateway, FortiClient (macOS) fails to use next online gateway to connect if active one is down.
    932288 Enforcing disclaimer message acceptance does not work on IPsec VPN tunnels.
    967173 Monterey - Sonoma system proxy does not work with IPsec VPN.
    970489 Application Firewall decreases internet speed when connecting to IPsec VPN.
    987000 FortiClient (macOS) does not block IPv6 traffic after connecting to IPsec VPN tunnel with Block IPV6 enabled in EMS.
    1031134 IPsec VPN tunnel using SAML authentication does not reconnect while Always Up and Auto Connect are enabled.

    Remote Access - SSL VPN

    Bug ID

    Description
    966377 FortiGate does not see ZTNA tag for macOS users when connected to SSL VPN.
    999205 Internal VPN browser is vulnerable for man in the middle attack.
    1002659

    When connected to internet via mobile tethering, FortiClient (macOS) cannot authenticate to SSL VPN tunnel.
    1006295 FortiClient fails to consistently connect (40%) with DNS round robin of FortiGates (SASE).
    1007613 sslvpn-ems-sn-check error is not descriptive on SAML SSL VPN connections.
    1009802 FortiClient (macOS) using traditional Chinese GUI cannot connect to FortiSASE secure internet access SAML VPN.
    1037133 SASE VPN autoconnect takes long time to reconnect after restarting FortiClient (macOS).

    Web Filter and plugin

    Bug ID

    Description
    937125 Ping drops when user clicks About to update signature.
    948430 Web Filter does not block or warn as expected.
    950402 ProxyMode extension is not installed on macOS device with M2 chip.
    1010838 Endpoint with Docker Desktop does not enforce Web Filter when VPN disconnects.
    1025272 Web Filter causes page load delay when FortiGuard service is unavailable.

    Endpoint control

    Bug ID

    Description
    1007406 On-fabric public IP address rule does not accept subnets.

    FSSOMA

    Bug

    Description
    962067 FortiClient SSO mobile agent (FSSOMA) does not work with Apple local account type.

    Malware Protection and Sandbox

    Bug ID

    Description
    837638 Identify Malware and Exploits Using Signatures Received From FortiSandbox does not work.
    984629 Real-time protection causes delay in opening macOS Sonoma web applications even with exclusions configured.
    995835 Files submitted to Sandbox time out intermittently.

    Vulnerability Scan

    Bug ID

    Description
    913032 EMS does not update vulnerability events correctly after vulnerability scan is performed from FortiClient (macOS).

    Upgrade

    Bug ID

    Description

    1032548

    Telemetry connection information is empty after version upgrade.

    Zero Trust telemetry

    Bug ID

    Description
    951597 If the endpoint is bound to Active Directory (AD), FortiClient fails to sync with EMS with deeply nested AD group.
    1055456 Endpoint reregisters with old FortiClient Cloud instance when using switch option.

    ZTNA connection rules

    Bug ID

    Description
    1005441 FortiClient fails to show status and error message for ZTNA TCP forwarding.
    1027379 FortiClient has performance issue for SMB over ZTNA.

    Other

    Bug ID

    Description
    950099 Non-administrators cannot trust the new Web Filter certificate generated in the system keychain.
    954591 FortiTray crashes as soon as FortiClient (macOS) connects to VPN.

    Common Vulnerabilities and Exposures

    Bug ID Description

    830513

    FortiClient (macOS) 7.2.5 is no longer vulnerable to the following CVE Reference:

    • CVE-2024-31489

    Visit https://fortiguard.com/psirt for more information.
    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been fixed in FortiClient (macOS) 7.2.5. For inquiries about a particular bug, contact Customer Service & Support.

    Application Firewall

    Bug ID

    Description
    977772 Application Firewall system extension remains active after uninstalling FortiClient (macOS), causing endpoint to lose network connectivity.
    986928 FortiClient displays Blocked (Unknown.Application) notification every few minutes.

    Deployment and installers

    Bug ID

    Description
    764672 FortiClient (macOS) displays deployment window for user when EMS administrator configured unattended installation.
    916436 Initialize VPN system extension was failed error displays after upgrade.
    961137 Zero trust network access (ZTNA) records do not populate in /etc/hosts when administrator deploys FortiClient from Intune.
    982204 Verified endpoint gradually becomes unverified and last seen date is outdated when still connected to EMS.

    Logs

    Bug ID

    Description
    1013268 FortiClient does not send blocked/monitored events to the FortiAnalyzer unless Log All URLs and Log User initiated traffic are enabled.

    Real-time protection

    Bug ID

    Description
    988209 Quarantine Management does not show macOS quarantined files.

    Remote Access

    Bug ID

    Description
    834198 On AWS VM, autoconnect does not work and FortiClient displays Initialize VPN system extension was failed error.
    917898 host-check-policy work as AND operation instead of OR operation.
    941513 When PFS is disabled, DH Group is mandatory.
    965143 When upgrading FortiClient (macOS), SAML cookies are not kept.
    968070 <disallow_invalid_server_certificate> attribute does not parse.
    984150 SAML login window does not appear on the first attempt after clicking Disconnect.
    985070 SSL VPN connection with SAML and Keycloak redirect does not close but connection is up.
    987865 When connecting to SAML SSO VPN, FortiClient (macOS) does not display VPN Connecting.
    999358 FortiClient (macOS) does not hide Save Password, Always up, and Auto-connect checkboxes when disallowed in EMS Remote Access profile.
    1000595 User cannot disable SAML authentication in personal IPsec VPN tunnel.
    1024936 FortiClient cannot sync VPN on connect script properly.

    Remote Access - IPsec VPN

    Bug ID

    Description
    929577 With VPN is up, for redundant remote gateway, FortiClient (macOS) fails to use next online gateway to connect if active one is down.
    932288 Enforcing disclaimer message acceptance does not work on IPsec VPN tunnels.
    967173 Monterey - Sonoma system proxy does not work with IPsec VPN.
    970489 Application Firewall decreases internet speed when connecting to IPsec VPN.
    987000 FortiClient (macOS) does not block IPv6 traffic after connecting to IPsec VPN tunnel with Block IPV6 enabled in EMS.
    1031134 IPsec VPN tunnel using SAML authentication does not reconnect while Always Up and Auto Connect are enabled.

    Remote Access - SSL VPN

    Bug ID

    Description
    966377 FortiGate does not see ZTNA tag for macOS users when connected to SSL VPN.
    999205 Internal VPN browser is vulnerable for man in the middle attack.
    1002659

    When connected to internet via mobile tethering, FortiClient (macOS) cannot authenticate to SSL VPN tunnel.
    1006295 FortiClient fails to consistently connect (40%) with DNS round robin of FortiGates (SASE).
    1007613 sslvpn-ems-sn-check error is not descriptive on SAML SSL VPN connections.
    1009802 FortiClient (macOS) using traditional Chinese GUI cannot connect to FortiSASE secure internet access SAML VPN.
    1037133 SASE VPN autoconnect takes long time to reconnect after restarting FortiClient (macOS).

    Web Filter and plugin

    Bug ID

    Description
    937125 Ping drops when user clicks About to update signature.
    948430 Web Filter does not block or warn as expected.
    950402 ProxyMode extension is not installed on macOS device with M2 chip.
    1010838 Endpoint with Docker Desktop does not enforce Web Filter when VPN disconnects.
    1025272 Web Filter causes page load delay when FortiGuard service is unavailable.

    Endpoint control

    Bug ID

    Description
    1007406 On-fabric public IP address rule does not accept subnets.

    FSSOMA

    Bug

    Description
    962067 FortiClient SSO mobile agent (FSSOMA) does not work with Apple local account type.

    Malware Protection and Sandbox

    Bug ID

    Description
    837638 Identify Malware and Exploits Using Signatures Received From FortiSandbox does not work.
    984629 Real-time protection causes delay in opening macOS Sonoma web applications even with exclusions configured.
    995835 Files submitted to Sandbox time out intermittently.

    Vulnerability Scan

    Bug ID

    Description
    913032 EMS does not update vulnerability events correctly after vulnerability scan is performed from FortiClient (macOS).

    Upgrade

    Bug ID

    Description

    1032548

    Telemetry connection information is empty after version upgrade.

    Zero Trust telemetry

    Bug ID

    Description
    951597 If the endpoint is bound to Active Directory (AD), FortiClient fails to sync with EMS with deeply nested AD group.
    1055456 Endpoint reregisters with old FortiClient Cloud instance when using switch option.

    ZTNA connection rules

    Bug ID

    Description
    1005441 FortiClient fails to show status and error message for ZTNA TCP forwarding.
    1027379 FortiClient has performance issue for SMB over ZTNA.

    Other

    Bug ID

    Description
    950099 Non-administrators cannot trust the new Web Filter certificate generated in the system keychain.
    954591 FortiTray crashes as soon as FortiClient (macOS) connects to VPN.

    Common Vulnerabilities and Exposures

    Bug ID Description

    830513

    FortiClient (macOS) 7.2.5 is no longer vulnerable to the following CVE Reference:

    • CVE-2024-31489

    Visit https://fortiguard.com/psirt for more information.
    Previous
    Next