Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Meltdown/Spectre impact?

Do we have a general idea of the impact of the recent processor vulnerabilities to fortinet systems, specifically in my case a FortiADC 200D?  Do we have a timeframe of patches being available in the meantime?

1 Solution

FortiClient 5.6.4 released today to address the Meltdown patch for Windows..


My Windows10 is on fasttrack so I think I already got patched for Meltdown in the December build

View solution in original post

Valued Contributor II

The Windows 10 patch for Meltdown isn't getting installed automatically on any Windows systems we have that are running FortiClient 5.6.3.  We're not running EMS.  Trying to run a local windows update says there aren't any updates.


Per Microsoft's description of this at it might mean that MS is seeing FortiClient as AV software that isn't compatible with the patch.  But the registry key the KB refers to is properly set on those systems.


Anybody else seeing issues with installing the Windows 10 patch (KB4056891 or KB4056892 I think) on systems with FortiClient 5.6.3?  Or anybody successfully installed the patch on Windows 10 systems with FortiClient 5.6.3?

New Contributor

Same issue

New Contributor

Same question

Contributor III

We noticed CPU util jumped with AV update 2.92730 in 1/1/18 and are wondering if this is related.




Valued Contributor II

Windows 10 allowed the Meltdown patch to install after I removed FortiClient 5.6.3 from the machine.


EDIT: Note that the registry key Microsoft requires was properly set on the system but it still wouldn't update until I removed FortiClient.


Actually a bit messier than that.  Just unregister of the FortiClient, stop services, and uninstall (with reboot) wasn't sufficient.  Running FCRemove.exe also not sufficient.  Removing the directories the uninstall had left behind also didn't do it.  Finally had to hunt through registry entries and do some of the cleanup by hand before Windows considered FortiClient gone enough to allow the patch.  Ugh.  I really hope those of you managing lots of FortiClients through EMS have an easier way to deal with this, or that my case was a fluke.


New Contributor

A quick search is leading me to this:


FortiClient compatibility with the Microsoft Security update of January 3, 2018 - Meltdown Products FortiClient v5.4 FortiClient v5.6  Description Microsoft released a security update on January 3, 2018 to insure compatibility of a Windows updates related to CPU security flaw (Meltdown) with anti-virus software products (see Microsoft Security Bulletin KB4072699). Fortinet tested the latest active FortiClient software versions 5.4.4 and 5.6.3 and found them fully compatible with Microsoft's January 2018 Security Update. It safe to use these versions with the security update. Solution Microsoft requires that the following registry key exist on all compatible systems, even if there is no AV product installed: Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD” Data="0x00000000” With the latest active FortiClient versions 5.4.4 and 5.6.3, it will be required to add this key manually, or using Group Policy, in order to receive the January 3, 2018 security update. Fortinet will release new versions of FortiClient prior to January 9, which will add the required registry key automatically.

Valued Contributor

Fortinet have a PSIRT tracking this here:


Best to check up on it to see when there's an update.

New Contributor II

So just found out that you cannot install 5.6.3  or earlier with the KB4056892 installed. Just tested it on 3 different machines. Two machines have the update and one did not. The two with the update failed to install (stops and hangs at installing drivers). The one without the patch flies through with no problem. So sounds like to me that the Forticlient program is not on the approved/compatible list. Anyone else having this problem?


Would appreciate input and advice




FortiClient 5.6.4 released today to address the Meltdown patch for Windows..


My Windows10 is on fasttrack so I think I already got patched for Meltdown in the December build


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors