Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved issues

The following issues have been fixed in version 6.4.1. For inquiries about a particular bug, contact Customer Service & Support.

GUI

Bug ID

Description

624663 FortiClient does not have Remote Access tab for VPN access after two days of disregistering from EMS.
642908 If user deselects save password option for a VPN tunnel, the autoconnect option remains enabled.
642924 FortiClient (Windows) does not clear VPN password when user deselects save password option.
643190 FortiClient does not show error message when user enters wrong password to restore configuration.

Install and deployment

Bug ID

Description

555541 Endpoint reaches a state where new EMS deployment always fails.
556412 FortiClient (Windows) should provide an option to not install browser addon.
610153 EMS-created deployment package installs wrong feature set.
632834 FortiClient should keep its license and configuration after deployment from EMS even if the EMS is unreachable after upgrade.
635079 Deployment does not work.
635965 When FortiClient (Windows) is installed on offline devices using an EMS-created deployment package, FortiClient (Windows) enters "unregistered" state.
636393 Upgrade from free VPN client to full client does not work as expected.
636774 FortiClient does not autoregister after in-place upgrade.
639676 FortiClient (Windows) has no configuration when installed using MSI and MST.
641174 Upgrade from free version to full version fails to reregister to EMS when using FortiClient (Windows) .exe file.

Endpoint control

Bug ID Description
587261 Endpoint logs Endpoint Quarantine Status changed - Unquarantined.
599779 FortiClient LDAP query performance impact.
638138 FortiClient may lose license and features before administrator configures license timeout value on EMS.
642429 FortiClient (Windows) registration fails on server machines.

655302

epctrl memory leak after repeat download Web Filter custom block page.

Logs

Bug ID

Description

587179 No log for removable device control.
612952 Exporting logs specifies Sandbox as Other category.
630846 FortiClient does not log to FortiAnalyzer.
631435 EMS profile cannot control FortiClient feature debug trace log size.

Malware Protection and Sandbox

Bug ID

Description

580671

FortiClient Web Filter cannot block malicious website due to rating timeout.

592029 FortiClient (Windows) ignores file size limit change for device submissions when submissions come from FortiClient (Windows).

594000

Support drive letter or UNC path for excluding network shares from antivirus (AV) protection.

600765

FortiClient (Windows) log shows Sandbox agent receives "score = 0" instead of "score = 4" for FortiSandbox low-risk file.

606927

FortiClient (Windows) does not send files copied/executed in ISO-mounted CD-ROM to FortiSandbox for further analysis.

629704 Malware Cloud Scan option blocks file access.
631157 FortiSandbox file submission does not work for Microsoft Teams.

632543

FortiClient cannot register with FortiSandbox unless user uses Test button.

Remote Access

Bug ID

Description

557314

FortiClient (Windows) should not allow VPN connection if certificate is invalid and disallow_invalid_server_certificate=1.

599924

Certificate-based IKEv2 cannot connect without enabling EAP.

612364

SSL VPN autoconnect/always up does not work reliably.

623437

IPsec VPN negative split tunnel track.

627245

For IPsec VPN, FortiClient (Windows) resends credentials to multifactor authentication server when user clicks OK button after entering wrong credentials.

629279

FortiClient (Windows) does not execute on_connect script.

630484

FortiClient Connect button does not work if two-factor authentication is canceled.

632389

SSL VPN OS check recognizes Windows 10 as Windows 8 when connecting with a certificate.

634346

DNS queries on LAN interface and dialup interface.

634441

SSL VPN SAML login does not work with realms.

637699

For SSL VPN, if user enters incorrect username/password, they get an error that says that server is unreachable.

639960

FortiClient blocks Adaxes password reset self-service tool from Windows logon screen.

643455

Waking up and logging into the machine can result in a loop if autoconnect is not working.

Web Filter and plugin

Bug ID

Description

524528

FortiClient always allows security risk categories when administrator disables AV and block_malicious_websites =0.

629481

Web Filter plugin always shows same block page for new blocked URL when user leaves warning page without proceeding.

630419

Web Filter does not showing Webpage is blocked message in browser for HTTPS URLs.

644733

Web Filter fails to block exclusion list with files extension in URL with wildcard.

658088

Notification page shows wrong URL for Web Filter.

Other

Bug ID

Description

630844

Some event tabs and icon are missing in EMS for FortiClient.

633532

Software Inventory does not detect Windows Store applications.

642467

After logging out of linked social login service account, FortiClient does not update the avatar.

Common Vulnerabilities and Exposures
Bug ID Description

618242

FortiClient (Windows) 6.4 running AV engine version 6.00243 or later is no longer vulnerable to the following CVE Reference:

  • CVE-2020-9295

Visit https://fortiguard.com/psirt for more information.

Resolved issues

The following issues have been fixed in version 6.4.1. For inquiries about a particular bug, contact Customer Service & Support.

GUI

Bug ID

Description

624663 FortiClient does not have Remote Access tab for VPN access after two days of disregistering from EMS.
642908 If user deselects save password option for a VPN tunnel, the autoconnect option remains enabled.
642924 FortiClient (Windows) does not clear VPN password when user deselects save password option.
643190 FortiClient does not show error message when user enters wrong password to restore configuration.

Install and deployment

Bug ID

Description

555541 Endpoint reaches a state where new EMS deployment always fails.
556412 FortiClient (Windows) should provide an option to not install browser addon.
610153 EMS-created deployment package installs wrong feature set.
632834 FortiClient should keep its license and configuration after deployment from EMS even if the EMS is unreachable after upgrade.
635079 Deployment does not work.
635965 When FortiClient (Windows) is installed on offline devices using an EMS-created deployment package, FortiClient (Windows) enters "unregistered" state.
636393 Upgrade from free VPN client to full client does not work as expected.
636774 FortiClient does not autoregister after in-place upgrade.
639676 FortiClient (Windows) has no configuration when installed using MSI and MST.
641174 Upgrade from free version to full version fails to reregister to EMS when using FortiClient (Windows) .exe file.

Endpoint control

Bug ID Description
587261 Endpoint logs Endpoint Quarantine Status changed - Unquarantined.
599779 FortiClient LDAP query performance impact.
638138 FortiClient may lose license and features before administrator configures license timeout value on EMS.
642429 FortiClient (Windows) registration fails on server machines.

655302

epctrl memory leak after repeat download Web Filter custom block page.

Logs

Bug ID

Description

587179 No log for removable device control.
612952 Exporting logs specifies Sandbox as Other category.
630846 FortiClient does not log to FortiAnalyzer.
631435 EMS profile cannot control FortiClient feature debug trace log size.

Malware Protection and Sandbox

Bug ID

Description

580671

FortiClient Web Filter cannot block malicious website due to rating timeout.

592029 FortiClient (Windows) ignores file size limit change for device submissions when submissions come from FortiClient (Windows).

594000

Support drive letter or UNC path for excluding network shares from antivirus (AV) protection.

600765

FortiClient (Windows) log shows Sandbox agent receives "score = 0" instead of "score = 4" for FortiSandbox low-risk file.

606927

FortiClient (Windows) does not send files copied/executed in ISO-mounted CD-ROM to FortiSandbox for further analysis.

629704 Malware Cloud Scan option blocks file access.
631157 FortiSandbox file submission does not work for Microsoft Teams.

632543

FortiClient cannot register with FortiSandbox unless user uses Test button.

Remote Access

Bug ID

Description

557314

FortiClient (Windows) should not allow VPN connection if certificate is invalid and disallow_invalid_server_certificate=1.

599924

Certificate-based IKEv2 cannot connect without enabling EAP.

612364

SSL VPN autoconnect/always up does not work reliably.

623437

IPsec VPN negative split tunnel track.

627245

For IPsec VPN, FortiClient (Windows) resends credentials to multifactor authentication server when user clicks OK button after entering wrong credentials.

629279

FortiClient (Windows) does not execute on_connect script.

630484

FortiClient Connect button does not work if two-factor authentication is canceled.

632389

SSL VPN OS check recognizes Windows 10 as Windows 8 when connecting with a certificate.

634346

DNS queries on LAN interface and dialup interface.

634441

SSL VPN SAML login does not work with realms.

637699

For SSL VPN, if user enters incorrect username/password, they get an error that says that server is unreachable.

639960

FortiClient blocks Adaxes password reset self-service tool from Windows logon screen.

643455

Waking up and logging into the machine can result in a loop if autoconnect is not working.

Web Filter and plugin

Bug ID

Description

524528

FortiClient always allows security risk categories when administrator disables AV and block_malicious_websites =0.

629481

Web Filter plugin always shows same block page for new blocked URL when user leaves warning page without proceeding.

630419

Web Filter does not showing Webpage is blocked message in browser for HTTPS URLs.

644733

Web Filter fails to block exclusion list with files extension in URL with wildcard.

658088

Notification page shows wrong URL for Web Filter.

Other

Bug ID

Description

630844

Some event tabs and icon are missing in EMS for FortiClient.

633532

Software Inventory does not detect Windows Store applications.

642467

After logging out of linked social login service account, FortiClient does not update the avatar.

Common Vulnerabilities and Exposures
Bug ID Description

618242

FortiClient (Windows) 6.4 running AV engine version 6.00243 or later is no longer vulnerable to the following CVE Reference:

  • CVE-2020-9295

Visit https://fortiguard.com/psirt for more information.