Release Notes : APM Client 7.1.9.7

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 16.0.1, 16.0.0, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.3, 13.1.1, 13.1.0
Release Notes

Summary:

The Edge Client version 7.1.9.7 is now available on downloads.f5.com.

Contents:

User documentation for this release

For a comprehensive list of documentation that is relevant to this release, refer to the following pages:


Features and enhancements in 7.1.9.7

There are no features or enhancements in 7.1.9.7.

Fixes in 7.1.9.7

The following issues have been fixed in this release.

ID Number Description
842717-7 Fixed the security risk where when the Windows Logon Integration feature is configured for the Edge Client, unauthorized users having physical access to an authorized user's machine could get shell access to internal resources or compromise the availability of the resources.
848353-1 Previously, on Windows, the endpoint check failed to start on a browser when some specific system events were missing, and the browser page indicated that it is waiting for the endpoint status. This issue is now fixed, and now endpoint check runs successfully.
881293-8, 881317-8 Fixed the issue, where the temporary directory created by the Edge Client Windows Installer for extracting various archives and cab files had weak file and folder permissions. This vulnerability allowed the execution of signed .exe and MSI files and could be exploited by an unprivileged user to gain privileged escalation on the client system.
881445-1 Previously, the Edge Client Windows Stonewall driver did not sanitize the pointer received from the userland. A local user on the Windows client system could send crafted DeviceIoControl requests to a \\.\urvpndrv device, causing the Windows kernel to crash. Now, the Stonewall driver sanitizes the pointer before dereferencing it, and this issue is fixed.
882185-8, 882189-8 Fixed a use-after-free memory vulnerability that existed in the Edge Client Windows ActiveX component. This vulnerability allowed an attacker to trigger memory corruption to the browser or execute code from the browser when the attacker crafted a malicious webpage and loaded it into the Internet Explorer browser.
899781-4 Previously, attempting to establish a VPN connection using a WinLogon Integration/Custom dialup failed and reported the following error:

...finished with code, -1073740512

This issue has been fixed, and now WinLogon Integration/Custom dialup establishes VPN successfully.
904617-2 Fixed the issue where split tunneling failed to exclude certain traffic to flow inside the tunnel. Now, the DNS-based exclusion works correctly.
904977-2 Previously, Edge Client did not recognize the onkeypress event when used with a <input> tag, and users could not submit the login form by pressing the Enter key. This issue has been fixed, and now the Edge Client detects the Enter key, and the event attached to the onkeypress event is executed.
913841-1 Fixed the issue where after upgrading the APM client and switching to another VPN server, the clients were unable to connect.
920477-1 Previously, DNS lookups for hostnames mentioned in DNS Exclude Address Space failed when the IP filtering engine option is enabled in Network Access configurations. With this release, the issue has been fixed.
926689-2 Previously, after upgrading from 12.1.2.2.0.276 to 12.1.2.5, users could not connect to RDP via AppTunnel, which loads the ActiveX control. With this release, the issue has been fixed.
932781-1 Fixed the issue, where the Edge Client failed to connect on a system running Windows 10 and with Secure Boot enabled.

As a workaround, disable Secure Boot on Windows systems.

Note: Some systems running Windows 10 have Secure Boot enabled by default to ensure that the client computers boot using only software trusted by the computer.
942953-1 Fixed the issue on Windows 10, the user could not type credentials in the Edge Client window. This occurred because when the user pressed the Ctrl key, the client went into press lock mode and did not allow to type credentials. With this release, skip logic was updated, and this issue is now fixed.

Known issues in 7.1.9.7

There are no known issues in this release.

Contacting F5

North America 1-888-882-7535 or (206) 272-6500
Outside North America, Universal Toll-Free +800 11 ASK 4 F5 or (800 11275 435)
Additional phone numbers Regional Offices
Web http://www.f5.com
Email support@f5.com

Additional resources

You can find additional support resources and technical documentation through a variety of sources.

F5 Support

https://f5.com/support :: Self-solve Options

Free self-service tools give you 24x7 access to a wealth of knowledge and technical support. Whether it is providing quick answers to questions, training your staff, or handling entire implementations from design to deployment, F5 services teams are ready to ensure that you get the most from your F5 technology.

AskF5 Knowledge Base

https://support.f5.com/csp/home

The storehouse for thousands of knowledgebase articles that help you manage your F5 products more effectively. Whether you want to browse periodically to research a solution, or you need the most recent news about your F5 products, AskF5 is your source.

BIG-IP iHealth Diagnostics and BIG-IP iHealth Viewer

https://f5.com/support/tools/ihealth

BIG-IP iHealth Diagnostics identifies issues, including common configuration problems and known software issues. It also provides solutions and links to more information. With BIG-IP iHealth Viewer, you can see the status of your system at-a-glance, drill down for details, and view your network configuration.

F5 DevCentral

https://devcentral.f5.com/

Collaborate and share innovations including code samples, new techniques, and other tips, with more than 300,000 F5 users worldwide. DevCentral is the place to ask questions, find solutions, learn to harness the power of F5’s powerful scripting language, iRules, and much more.

Communications Preference Center

https://interact.f5.com/F5-Preference-Center.html

Here, you can subscribe to a number of communications from F5. For information about the types of notifications F5 provides, see K9970: Subscribing to email notifications regarding F5 products.