Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    (Windows) Release Notes

    Home FortiClient 7.4.3 (Windows) Release Notes
    7.4.3
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.14
    7.2.13
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0

    Resolved issues

    Resolved issues

    The following issues have been fixed in version 7.4.3. For inquiries about a particular bug, contact Customer Service & Support.

    Configuration

    Bug ID

    Description
    1087936 EMS disconnect password with special characters does not work.

    Deployment and installers

    Bug ID

    Description
    1113057 Install does not follow unsupervised scheduled deployment time.

    Endpoint control

    Bug ID Description
    1100661 FortiClient (Windows) does not send SNI connecting to on-premise EMS.
    1110524 After reboot, FortiClient enters configuration loop when switching from SSL VPN-only profile to zero trust network access (ZTNA)-only profile.

    Install and upgrade

    Bug ID

    Description
    1080006 FortiClient (Windows) .exe installer does not properly handle v and msicl command line parameters.

    1111464

    FortiClient daemon crashes with Visual C++ runtime version lower than 14.40.33810.0.

    Onboarding

    Bug ID

    Description
    1081547 Authentication dialog is blank when using invitation code with local or LDAP authentication to connect to EMS.

    PAM

    Bug ID

    Description
    1099622 FortiPAM fails to automatically fill password for proxy mode enabled secret when FortiClient (Windows) fails to add FortiPAM zero trust network access rules in time.
    1101380 This site can't be reached error occurs on first attempt through web launcher in FortiPAM.

    Remote Access

    Bug ID

    Description

    706804

    Disabling local LAN access does not restrict remote access.
    1027199 FortiClient (Windows) sometimes does not log in to system when using SAML VPN before logon.
    1059326 VPN before logon fails with Use Windows Credentials.
    1065837 FortiTray network lockdown is not translated and language should be more consistent with macOS.
    1066263 Free VPN-only agent does not minimize after establishing a tunnel with <minimize_window_on_connect> enabled.

    1086017

    Failed to prompt Host Check Fail warning even though secure remote access is on and endpoint is non-compliant.
    1089023 VPN SAML external browser (e.g Chrome) authentication does not work after successful authentication.
    1090354 Using Windows credentials for VPN is always selected for VPN before logon when <use_windows_credentials> is disabled.
    1109326 <keep_fqdn_resolution_consistency>1</keep_fqdn_resolution_consistency> appends entry to same line in hosts file.

    Remote Access - IPsec VPN

    Bug ID

    Description
    584953 Split tunnel does not work when choosing manual IP address.
    1074153 FortiClient GUI has issues with IPsec VPN IKEv2 over TCP configuration.
    1079047 FortiClient (Windows) on Windows 11 with Intel Wi-Fi 7 BE200 Wi-Fi network adapter cannot connect to IPsec VPN.
    1085855 Saved password becomes empty after reboot when multifactor authentication (MFA), autoconnect, and client certificate are enabled.

    1091700

    LDAP traffic volume is high when endpoint is connected to tunnel.
    1095388 FortiClient does not follow EMS setting for <xauth_timeout>.
    1099714 When using IPsec VPN with RADIUS authentication (Microsoft Entra ID), FortiClient (Windows) clears password field when asking for MFA.
    1099737 FortiClient (Windows) sends excessive LDAP queries.
    1115380 IKEv2 IPsec VPN gets stuck on connected after resuming from CLIENT_RESUME if SA is expired on FortiGate.
    1123378 Abnormal FortiClient (Windows) dead peer detection behavior occurs after FortiClient (Windows) phase1 IKE SA is rekeyed (FortiClient (Windows) sending create-child request).

    1121087

    Subnet exclusion does not work properly in dialup IPsec VPN.

    Remote Access - SSL VPN

    Bug ID

    Description
    909244 Split-DNS name resolution fails after SSL VPN is up for a few minutes, until it runs ipconfig /flushdns.

    909755

    SSL VPN split tunnel does not work for Microsoft Teams.
    1052659 FortiClient (Windows) gets stuck at 98% and cannot reconnect when endpoint is left in standby or sleep for couple of hours until reboot.
    1070783 SSL VPN cannot connect. After successful authentication, FortiClient (Windows) redirects to connection page multiple times.
    1081068 SSL VPN does not connect on Windows Server 2019.
    1085875 FortiClient does not apply regular expressions (regex) on some Remote Access profiles but applies regex on copy of the same profile.
    1098696 FortiClient (Windows) cannot connect to VPN tunnel when the computer is connected to iPhone hotspot and connection attempt gets stuck at 98%.
    1101287 SSL VPN certificate warning occurs for valid certificates if switching between valid certificates in FortiGate.
    1103361 FortiClient (Windows) fails to autoconnect after deploying FortiClient (Windows) on machine that enabled passwordless automatic login.
    1105603 There is a race condition between Windows autologin and autoconnect while connecting to SSL VPN tunnel.
    1110569 FortiClient (Windows) connects to pre-login tunnel after user logs in and connects to telemetry.

    1111305

    Autoconnect is triggered when endpoint wakes from sleep or powers on in on-Fabric location.

    Security posture tags

    Bug ID

    Description
    1027851 FortiClient (Windows) loses security posture tag based on combined rules and requires reinstalling reinstalling FortiClient.
    1103074 Endpoint has both individual security posture tags but is missing composite tag.

    Vulnerability Scan

    Bug ID

    Description
    1054778 FortiClient (Windows) displays incorrect detected version on Vulnerability Scan report GUI.
    1092036 FortiClient logs for the detected vulnerability shows only UUID code as the detectedpath instead of the application's actual path.

    Web Filter and plugin

    Bug ID

    Description
    753066 Web Filter extension requires migration to Manifest V3.
    1061163 Web Filter plugin blocks some websites after file download.
    1090048 Web Filter plugin blocks embedded Google Maps.
    1119412 New FortiClient Web Filter extension 7.4.3.1761 causes slowness and websites opening with delay.

    ZTNA connection rules

    Bug ID

    Description
    1094370 If a ZTNA application is configured to use redundant proxy gateways, FortiClient does not fail over to a secondary proxy gateway if the primary proxy gateway fails.

    Common Vulnerabilities and Exposures

    FortiClient (Windows) 7.4.3 is no longer vulnerable to the following CVE References:

    Bug ID

    Description

    945320

    CVE-2024-50570

    1129740

    CVE-2025-46373

    1147064

    CVE-2025-47761

    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been fixed in version 7.4.3. For inquiries about a particular bug, contact Customer Service & Support.

    Configuration

    Bug ID

    Description
    1087936 EMS disconnect password with special characters does not work.

    Deployment and installers

    Bug ID

    Description
    1113057 Install does not follow unsupervised scheduled deployment time.

    Endpoint control

    Bug ID Description
    1100661 FortiClient (Windows) does not send SNI connecting to on-premise EMS.
    1110524 After reboot, FortiClient enters configuration loop when switching from SSL VPN-only profile to zero trust network access (ZTNA)-only profile.

    Install and upgrade

    Bug ID

    Description
    1080006 FortiClient (Windows) .exe installer does not properly handle v and msicl command line parameters.

    1111464

    FortiClient daemon crashes with Visual C++ runtime version lower than 14.40.33810.0.

    Onboarding

    Bug ID

    Description
    1081547 Authentication dialog is blank when using invitation code with local or LDAP authentication to connect to EMS.

    PAM

    Bug ID

    Description
    1099622 FortiPAM fails to automatically fill password for proxy mode enabled secret when FortiClient (Windows) fails to add FortiPAM zero trust network access rules in time.
    1101380 This site can't be reached error occurs on first attempt through web launcher in FortiPAM.

    Remote Access

    Bug ID

    Description

    706804

    Disabling local LAN access does not restrict remote access.
    1027199 FortiClient (Windows) sometimes does not log in to system when using SAML VPN before logon.
    1059326 VPN before logon fails with Use Windows Credentials.
    1065837 FortiTray network lockdown is not translated and language should be more consistent with macOS.
    1066263 Free VPN-only agent does not minimize after establishing a tunnel with <minimize_window_on_connect> enabled.

    1086017

    Failed to prompt Host Check Fail warning even though secure remote access is on and endpoint is non-compliant.
    1089023 VPN SAML external browser (e.g Chrome) authentication does not work after successful authentication.
    1090354 Using Windows credentials for VPN is always selected for VPN before logon when <use_windows_credentials> is disabled.
    1109326 <keep_fqdn_resolution_consistency>1</keep_fqdn_resolution_consistency> appends entry to same line in hosts file.

    Remote Access - IPsec VPN

    Bug ID

    Description
    584953 Split tunnel does not work when choosing manual IP address.
    1074153 FortiClient GUI has issues with IPsec VPN IKEv2 over TCP configuration.
    1079047 FortiClient (Windows) on Windows 11 with Intel Wi-Fi 7 BE200 Wi-Fi network adapter cannot connect to IPsec VPN.
    1085855 Saved password becomes empty after reboot when multifactor authentication (MFA), autoconnect, and client certificate are enabled.

    1091700

    LDAP traffic volume is high when endpoint is connected to tunnel.
    1095388 FortiClient does not follow EMS setting for <xauth_timeout>.
    1099714 When using IPsec VPN with RADIUS authentication (Microsoft Entra ID), FortiClient (Windows) clears password field when asking for MFA.
    1099737 FortiClient (Windows) sends excessive LDAP queries.
    1115380 IKEv2 IPsec VPN gets stuck on connected after resuming from CLIENT_RESUME if SA is expired on FortiGate.
    1123378 Abnormal FortiClient (Windows) dead peer detection behavior occurs after FortiClient (Windows) phase1 IKE SA is rekeyed (FortiClient (Windows) sending create-child request).

    1121087

    Subnet exclusion does not work properly in dialup IPsec VPN.

    Remote Access - SSL VPN

    Bug ID

    Description
    909244 Split-DNS name resolution fails after SSL VPN is up for a few minutes, until it runs ipconfig /flushdns.

    909755

    SSL VPN split tunnel does not work for Microsoft Teams.
    1052659 FortiClient (Windows) gets stuck at 98% and cannot reconnect when endpoint is left in standby or sleep for couple of hours until reboot.
    1070783 SSL VPN cannot connect. After successful authentication, FortiClient (Windows) redirects to connection page multiple times.
    1081068 SSL VPN does not connect on Windows Server 2019.
    1085875 FortiClient does not apply regular expressions (regex) on some Remote Access profiles but applies regex on copy of the same profile.
    1098696 FortiClient (Windows) cannot connect to VPN tunnel when the computer is connected to iPhone hotspot and connection attempt gets stuck at 98%.
    1101287 SSL VPN certificate warning occurs for valid certificates if switching between valid certificates in FortiGate.
    1103361 FortiClient (Windows) fails to autoconnect after deploying FortiClient (Windows) on machine that enabled passwordless automatic login.
    1105603 There is a race condition between Windows autologin and autoconnect while connecting to SSL VPN tunnel.
    1110569 FortiClient (Windows) connects to pre-login tunnel after user logs in and connects to telemetry.

    1111305

    Autoconnect is triggered when endpoint wakes from sleep or powers on in on-Fabric location.

    Security posture tags

    Bug ID

    Description
    1027851 FortiClient (Windows) loses security posture tag based on combined rules and requires reinstalling reinstalling FortiClient.
    1103074 Endpoint has both individual security posture tags but is missing composite tag.

    Vulnerability Scan

    Bug ID

    Description
    1054778 FortiClient (Windows) displays incorrect detected version on Vulnerability Scan report GUI.
    1092036 FortiClient logs for the detected vulnerability shows only UUID code as the detectedpath instead of the application's actual path.

    Web Filter and plugin

    Bug ID

    Description
    753066 Web Filter extension requires migration to Manifest V3.
    1061163 Web Filter plugin blocks some websites after file download.
    1090048 Web Filter plugin blocks embedded Google Maps.
    1119412 New FortiClient Web Filter extension 7.4.3.1761 causes slowness and websites opening with delay.

    ZTNA connection rules

    Bug ID

    Description
    1094370 If a ZTNA application is configured to use redundant proxy gateways, FortiClient does not fail over to a secondary proxy gateway if the primary proxy gateway fails.

    Common Vulnerabilities and Exposures

    FortiClient (Windows) 7.4.3 is no longer vulnerable to the following CVE References:

    Bug ID

    Description

    945320

    CVE-2024-50570

    1129740

    CVE-2025-46373

    1147064

    CVE-2025-47761

    Previous
    Next