Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.2.9
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    (Windows) Release Notes

    Home FortiClient 7.2.9 (Windows) Release Notes
    7.2.9
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.14
    7.2.13
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0

    Resolved issues

    Resolved issues

    The following issues have been fixed in version 7.2.9. For inquiries about a particular bug, contact Customer Service & Support.

    Deployment and installers

    Bug ID

    Description
    1104334 Deployment messages is in English for PC with the local language not set to English.
    1113057 Install does not follow unsupervised scheduled deployment time.

    Endpoint control

    Bug ID Description
    1023729 When detecting Fortinet Security Fabric status via DHCP code, local subnet does not work as expected after connecting to VPN.
    1087936 EMS disconnect password with special characters does not work.

    Install and upgrade

    Bug ID

    Description
    995379 Fortinet single sign on mobility agent does not properly install on CIS hardened Windows 10 and 11 image.

    Remote Access

    Bug ID

    Description
    706804 Disabling local LAN access does not restrict remote access.
    1027199 FortiClient (Windows) does not log in to system when using SAML VPN before logon.
    1051036 FortiClient (Windows) 7.2 does not support IPsec VPN SAML authentication using Electron and must support before logon and after logon scenarios.
    1109326 <keep_fqdn_resolution_consistency>1</keep_fqdn_resolution_consistency> appends entry to same line in hosts file.
    1111890 VPN before logon fails to login to hybrid joined Windows as FortiClient (Windows) uses incorrect username format(username@azure_domain).

    Remote Access - IPsec VPN

    Bug ID

    Description
    1085855 Saved password becomes empty after reboot when multifactor authentication (MFA), autoconnect, and client certificate are enabled on IPsec VPN.
    1091700 High volume of LDAP traffic occurs when endpoint is connected to tunnel.
    1099714 When connecting to IPsec VPN with RADIUS authentication (Microsoft Entra ID), FortiClient (Windows) clears password field when asking for MFA.
    1099737 Excessive FortiClient LDAP queries occur.
    1101972 Speed on dialup IPsec VPN with GCM cipher is lower compared to AES256.
    1121089 Listening IP address changes when connected to IPsec VPN.
    1123378 Abnormal FortiClient (Windows) dead peer detection behavior occurs after FortiClient phase 1 IKE SA is rekeyed (FortiClient (Windows) sending create-child request).
    1126275 Performance issues (limited maximum throughput) occur on IPsec VPN dialup with phase 2 AES-GCM.

    Remote Access - SSL VPN

    Bug ID

    Description
    786869 FortiClient (Windows) does not support changing SSL VPN virtual adapter MTU dynamically via EMS configuration.
    1070783 VPN cannot connect. After successful authentication, it redirects to the connect page multiple times.
    1085875 FortiClient ignores partial certificate filters and requires both common name and issuer XML tags.
    1101287 SSL certificate warning displays for valid certificates if switching between valid certificates in FortiGate.
    1103361 FortiClient (Windows) fails to autoconnect after deploying FortiClient (Windows) on Windows machine that enabled passwordless automatic login.
    1105603 VPN does not autoconnect when automatic login is enabled on Windows endpoint.
    1110569 FortiClient (Windows) connects to pre-login tunnel after user logs in and connects to telemetry.
    1111300 SSL VPN tunnel does not connect for almost 15 minutes when coming from sleep mode.
    1111305 Autoconnect triggers when endpoint wakes from sleep or powers on in on-Fabric location.
    1113004 SSL VPN gets stuck on 98% if hostname contains characters with umlauts, such as ä, ö, or ü.

    Zero trust network access connection rules

    Bug ID

    Description
    1130065 fortitransctrl.sys causes blue screen of death.

    Zero Trust tags

    Bug ID

    Description
    1103074 If Zero Trust tag Tag_C is configured as applying to endpoints that are tagged with Tag_A and Tag_B, endpoint that is tagged with Tag_A and Tag_B is missing Tag_C.

    Other

    Bug ID

    Description
    1131418 Diagnostic file retrieved from the client via FortiClient Cloud is corrupted.

    Common Vulnerabilities and Exposures

    FortiClient (Windows) 7.2.9 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.

    Bug ID Description

    1129740

    CVE-2025-46373

    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been fixed in version 7.2.9. For inquiries about a particular bug, contact Customer Service & Support.

    Deployment and installers

    Bug ID

    Description
    1104334 Deployment messages is in English for PC with the local language not set to English.
    1113057 Install does not follow unsupervised scheduled deployment time.

    Endpoint control

    Bug ID Description
    1023729 When detecting Fortinet Security Fabric status via DHCP code, local subnet does not work as expected after connecting to VPN.
    1087936 EMS disconnect password with special characters does not work.

    Install and upgrade

    Bug ID

    Description
    995379 Fortinet single sign on mobility agent does not properly install on CIS hardened Windows 10 and 11 image.

    Remote Access

    Bug ID

    Description
    706804 Disabling local LAN access does not restrict remote access.
    1027199 FortiClient (Windows) does not log in to system when using SAML VPN before logon.
    1051036 FortiClient (Windows) 7.2 does not support IPsec VPN SAML authentication using Electron and must support before logon and after logon scenarios.
    1109326 <keep_fqdn_resolution_consistency>1</keep_fqdn_resolution_consistency> appends entry to same line in hosts file.
    1111890 VPN before logon fails to login to hybrid joined Windows as FortiClient (Windows) uses incorrect username format(username@azure_domain).

    Remote Access - IPsec VPN

    Bug ID

    Description
    1085855 Saved password becomes empty after reboot when multifactor authentication (MFA), autoconnect, and client certificate are enabled on IPsec VPN.
    1091700 High volume of LDAP traffic occurs when endpoint is connected to tunnel.
    1099714 When connecting to IPsec VPN with RADIUS authentication (Microsoft Entra ID), FortiClient (Windows) clears password field when asking for MFA.
    1099737 Excessive FortiClient LDAP queries occur.
    1101972 Speed on dialup IPsec VPN with GCM cipher is lower compared to AES256.
    1121089 Listening IP address changes when connected to IPsec VPN.
    1123378 Abnormal FortiClient (Windows) dead peer detection behavior occurs after FortiClient phase 1 IKE SA is rekeyed (FortiClient (Windows) sending create-child request).
    1126275 Performance issues (limited maximum throughput) occur on IPsec VPN dialup with phase 2 AES-GCM.

    Remote Access - SSL VPN

    Bug ID

    Description
    786869 FortiClient (Windows) does not support changing SSL VPN virtual adapter MTU dynamically via EMS configuration.
    1070783 VPN cannot connect. After successful authentication, it redirects to the connect page multiple times.
    1085875 FortiClient ignores partial certificate filters and requires both common name and issuer XML tags.
    1101287 SSL certificate warning displays for valid certificates if switching between valid certificates in FortiGate.
    1103361 FortiClient (Windows) fails to autoconnect after deploying FortiClient (Windows) on Windows machine that enabled passwordless automatic login.
    1105603 VPN does not autoconnect when automatic login is enabled on Windows endpoint.
    1110569 FortiClient (Windows) connects to pre-login tunnel after user logs in and connects to telemetry.
    1111300 SSL VPN tunnel does not connect for almost 15 minutes when coming from sleep mode.
    1111305 Autoconnect triggers when endpoint wakes from sleep or powers on in on-Fabric location.
    1113004 SSL VPN gets stuck on 98% if hostname contains characters with umlauts, such as ä, ö, or ü.

    Zero trust network access connection rules

    Bug ID

    Description
    1130065 fortitransctrl.sys causes blue screen of death.

    Zero Trust tags

    Bug ID

    Description
    1103074 If Zero Trust tag Tag_C is configured as applying to endpoints that are tagged with Tag_A and Tag_B, endpoint that is tagged with Tag_A and Tag_B is missing Tag_C.

    Other

    Bug ID

    Description
    1131418 Diagnostic file retrieved from the client via FortiClient Cloud is corrupted.

    Common Vulnerabilities and Exposures

    FortiClient (Windows) 7.2.9 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.

    Bug ID Description

    1129740

    CVE-2025-46373

    Previous
    Next