26.1.a
The following issues have been fixed in FortiEndpoint 26.1.a:
Deployment and Installers
|
Bug ID |
Description |
|---|---|
| 1203744 |
Installer assigned to a group of endpoints does not trigger the upgrade as the deployment schedule is not created. |
Endpoint Management
|
Bug ID |
Description |
|---|---|
| 1216934 |
Entra ID sync and deregistration issue. |
|
1179268 |
Large Entra ID domain import fails. |
Endpoint Policy and Profile
|
Bug ID |
Description |
|---|---|
| 1162867 |
FortiEndpoint displays duplicate entries for web filter profiles imported from FortiGate. Deleting one of the duplicated entries results in both being removed. |
| 1176906 |
After switching from "Manual Set" to "Mode Config" for an IKEv2 tunnel, FortiEndpoint still pushes the old manually set configuration to FortiClient. |
| 1204095 |
Entra ID users are not matched against policies and end up matching the default policy. |
Fabric and Connectors
|
Bug ID |
Description |
|---|---|
|
1150817 |
No "Delete associated auto-detected ZTNA application data" option when removing a FortiGate from an HA cluster. |
|
1231061 |
All destinations configured and synced from the FortiGate are duplicated on the ZTNA Applications Catalog. |
Software Inventory
|
Bug ID |
Description |
|---|---|
| 1209075 |
All software inventory is deleted within 10 minutes of software being reported by FortiClient. |
Zero Trust Telemetry (On Boarding)
|
Bug ID |
Description |
|---|---|
| 1195127 |
FortiEndpoint login using email fails if the UPN and SAM account name have different naming conventions. |
ZTNA TCP/UDP Forwarding
|
Bug ID |
Description |
|---|---|
|
1104178 |
ZTNA application is missing after being edited on the FortiGate. |
|
1158448 |
The alias for a ZTNA server disappears from the FortiEndpoint GUI after you create a new ZTNA server on the FortiGate. |
|
1184219 |
Auto-detected ZTNA destinations cannot be deleted, even after removal on the FortiGate. |
FortiGuard Outbreak
|
Bug ID |
Description |
|---|---|
|
1103367 |
Outbreak detection rules are tagged/untagged by FortiEndpoint. |
EDR
| Bug ID | Description |
|---|---|
| 1234317 | Navigation bar display issue for low screen resolutions. |
| 1171377, 1170260 | Non-aggregated event ID in custom connector. |
| 1186639 | Issue with "Scan executable files only" in file scan. |
| 1158939 |
Error message is confusing when the host firewall rule description exceeds 255 characters. |
| 1218426 | Added "Process Owner" to the Incidents list. |
| 1170992 | Confusing error message in Connectors page. |
| 1138142 | Missing icon for Add rule button in host firewall page. |
| 1171957 |
Disk encryption should not list the partial encrypt option for macOS. |
| 1178979 | Sorting by Last Seen Descending leads to unreadable data on the Communication Control page. |
| 1185174 | Deleting incident does not work after filtering. |
| 1186141 | No validation that aggregator mapping is unique for Collector move. |
| 1188836 | Misleading error message when a read-only user tries to enable a disk encryption policy. |
| 1184678 | UI refresh issue after a read-only user attempts to add groups to disk encryption or host firewall policies. |
| 1163104 |
The Add connector drop-down menu should be sorted alphabetically. |
| 1211611 | Incident View sort issue. |
| 1224803 | Issue with username length limit. |
| 1230456, 1220014 | Isolating a device and removing isolation does not work in Investigation View. |
| 1238237, 1215753 | Incident ID is missing in syslog. |
| 1174766, 1179507 | An XDR event is displayed as unpopulated in Incidents View. |
| 1188797, 1191908 | Misalignment of classification. |
|
1159575, 1166684 |
Issue with device count display. |
|
1182053, 1182450 |
Unmanaged devices display issue. |
|
1186676, 1187253 |
An exception output in a syslog message. |
|
1183540, 1187348, 1191060, 1188833 |
Exclusion path validation causes Collector degradation. |
|
1182762, 1191427 |
User access connector fails to connect after credentials update. |
|
1187519, 1188322 |
Improved performance of Get Logs action. |
|
1187126, 1196273 |
Issue with fetching threat hunting data when the organization is deleted. |
|
1200914, 1201714 |
Issue with Linux Collector content upload. |
|
1179001, 1202248, 1184113 |
Failure in exporting exception settings. |
|
1177744, 1203931 |
Process name display issue in Investigation View. |
|
1191006, 1205581, 1199216 |
A rare memory allocation issue. |
|
1193913, 1205080 |
Error in configuration update. |
|
1159891, 1219304, 1196888, 1201154 |
Covering query slows down with large number of destinations. |
|
1202613, 1209301 |
Display issue in Most Targeted items view. |
|
1204005, 1217350, 1235353, 1209298 |
Core dergadation issue. |
|
1220710, 1209328, 1211303 |
Advanced search display issue related to policies list and device groups. |
|
1204636, 1209664 |
|
|
1210844, 1216877 |
Sorting inventory by Last Seen switches back to the default sort. |
|
1218726, 1213231 |
Layout issue of a long path in event analysis view. |
|
1212148, 1216876 |
Consolidation status update sync issue. |
|
1126928, 1216841 |
Event exception shows "with any script" instead of command line in the description. |
|
1210689, 1217325 |
Cannot update existing threat hunting profile when associated to deleted categories. |
|
1217394, 1191006, 1219474, 1220588, 1221207, 1221209, 1225416, 1225928, 1227186, 1227190, 1228871, 1228776, 1230422, 1230989, 1232300, 1235808, 1236359, 1236360, 1238680, 1240019, 1240021, 1218992 |
Memory handling issue causing display update delays and errors. |
| 1151334, 1220012 | Internal IP is shown as N/A in Investigation View. |
| 1055629, 1216874 | GUI issue with creating an exception on command line. |
| 1213961, 1218997 | Error in saving new applications in Application Control Manager after organization migration. |
| 1220688, 1225345 | Error message popup in File Scan. |
| 1225514, 1227791, 1225348 | Cannot load events when a filter is selected in the Incidents View. |
| 1226198, 1226608 | Incident export file contains irrelevant data. |
| 1211626, 1227651 | No Collector report under Application Usage when you select an application in the Communication Control page. |
| 1227059, 1230365 | Inconsistent results when searching event ID. |
| 1229819 |
Not all variants are displayed when using advanced filters in Investigation View. |
| 1182542, 1198243 | Deep scan failure when a duplicate IoT device is detected. |
| 1159891, 1163601 | Saving a specific exception is slow. |
| 1182540, 1183001 |
CVE links in Communication Control goes to the old site instead of the new one. |
| 1207734, 1207962 1198710 | Failure in saving a new LDAP connector. |
| 1145570, 1156914 | Error when converting query. |
|
1231251, 1232168, 1232649 |
Incidents with identical process names appear as separate incident entries. |
Vulnerabilities and Exposures
FortiEndpoint 26.1.a is no longer vulnerable to the following CVE references. Visit https://fortiguard.com/psirt for more information.
| Bug ID | Description |
|---|---|
| 1199423 | |
|
1229399 |