Do we have a general idea of the impact of the recent processor vulnerabilities to fortinet systems, specifically in my case a FortiADC 200D? Do we have a timeframe of patches being available in the meantime?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
FortiClient 5.6.4 released today to address the Meltdown patch for Windows..
My Windows10 is on fasttrack so I think I already got patched for Meltdown in the December build
The Windows 10 patch for Meltdown isn't getting installed automatically on any Windows systems we have that are running FortiClient 5.6.3. We're not running EMS. Trying to run a local windows update says there aren't any updates.
Per Microsoft's description of this at https://support.microsoft.com/sw-ke/help/4056892/windows-10-update-kb4056892 it might mean that MS is seeing FortiClient as AV software that isn't compatible with the patch. But the registry key the KB refers to is properly set on those systems.
Anybody else seeing issues with installing the Windows 10 patch (KB4056891 or KB4056892 I think) on systems with FortiClient 5.6.3? Or anybody successfully installed the patch on Windows 10 systems with FortiClient 5.6.3?
Same issue
Same question
Windows 10 allowed the Meltdown patch to install after I removed FortiClient 5.6.3 from the machine.
EDIT: Note that the registry key Microsoft requires was properly set on the system but it still wouldn't update until I removed FortiClient.
Actually a bit messier than that. Just unregister of the FortiClient, stop services, and uninstall (with reboot) wasn't sufficient. Running FCRemove.exe also not sufficient. Removing the directories the uninstall had left behind also didn't do it. Finally had to hunt through registry entries and do some of the cleanup by hand before Windows considered FortiClient gone enough to allow the patch. Ugh. I really hope those of you managing lots of FortiClients through EMS have an easier way to deal with this, or that my case was a fluke.
A quick search is leading me to this: http://kb.fortinet.com/kb/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=FD40946
FortiClient compatibility with the Microsoft Security update of January 3, 2018 - Meltdown Products FortiClient v5.4 FortiClient v5.6 Description Microsoft released a security update on January 3, 2018 to insure compatibility of a Windows updates related to CPU security flaw (Meltdown) with anti-virus software products (see Microsoft Security Bulletin KB4072699). Fortinet tested the latest active FortiClient software versions 5.4.4 and 5.6.3 and found them fully compatible with Microsoft's January 2018 Security Update. It safe to use these versions with the security update. Solution Microsoft requires that the following registry key exist on all compatible systems, even if there is no AV product installed: Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD” Data="0x00000000” With the latest active FortiClient versions 5.4.4 and 5.6.3, it will be required to add this key manually, or using Group Policy, in order to receive the January 3, 2018 security update. Fortinet will release new versions of FortiClient prior to January 9, which will add the required registry key automatically.
Fortinet have a PSIRT tracking this here: https://fortiguard.com/psirt/FG-IR-18-002
Best to check up on it to see when there's an update.
So just found out that you cannot install 5.6.3 or earlier with the KB4056892 installed. Just tested it on 3 different machines. Two machines have the update and one did not. The two with the update failed to install (stops and hangs at installing drivers). The one without the patch flies through with no problem. So sounds like to me that the Forticlient program is not on the approved/compatible list. Anyone else having this problem?
Would appreciate input and advice
Donna
FortiClient 5.6.4 released today to address the Meltdown patch for Windows..
My Windows10 is on fasttrack so I think I already got patched for Meltdown in the December build
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1535 | |
1028 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.