Do we have a general idea of the impact of the recent processor vulnerabilities to fortinet systems, specifically in my case a FortiADC 200D? Do we have a timeframe of patches being available in the meantime?
The Windows 10 patch for Meltdown isn't getting installed automatically on any Windows systems we have that are running FortiClient 5.6.3. We're not running EMS. Trying to run a local windows update says there aren't any updates.
Anybody else seeing issues with installing the Windows 10 patch (KB4056891 or KB4056892 I think) on systems with FortiClient 5.6.3? Or anybody successfully installed the patch on Windows 10 systems with FortiClient 5.6.3?
Windows 10 allowed the Meltdown patch to install after I removed FortiClient 5.6.3 from the machine.
EDIT: Note that the registry key Microsoft requires was properly set on the system but it still wouldn't update until I removed FortiClient.
Actually a bit messier than that. Just unregister of the FortiClient, stop services, and uninstall (with reboot) wasn't sufficient. Running FCRemove.exe also not sufficient. Removing the directories the uninstall had left behind also didn't do it. Finally had to hunt through registry entries and do some of the cleanup by hand before Windows considered FortiClient gone enough to allow the patch. Ugh. I really hope those of you managing lots of FortiClients through EMS have an easier way to deal with this, or that my case was a fluke.
FortiClient compatibility with the Microsoft Security update of January 3, 2018 - Meltdown
FortiClient v5.4 FortiClient v5.6
Microsoft released a security update on January 3, 2018 to insure compatibility of a Windows updates related to CPU security flaw (Meltdown) with anti-virus software products (see Microsoft Security Bulletin KB4072699).
Fortinet tested the latest active FortiClient software versions 5.4.4 and 5.6.3 and found them fully compatible with Microsoft's January 2018 Security Update.
It safe to use these versions with the security update.
Microsoft requires that the following registry key exist on all compatible systems, even if there is no AV product installed:
With the latest active FortiClient versions 5.4.4 and 5.6.3, it will be required to add this key manually, or using Group Policy, in order to receive the January 3, 2018 security update.
Fortinet will release new versions of FortiClient prior to January 9, which will add the required registry key automatically.
So just found out that you cannot install 5.6.3 or earlier with the KB4056892 installed. Just tested it on 3 different machines. Two machines have the update and one did not. The two with the update failed to install (stops and hangs at installing drivers). The one without the patch flies through with no problem. So sounds like to me that the Forticlient program is not on the approved/compatible list. Anyone else having this problem?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.