Palo – Tech Blog

16. Juni 20219. Juli 2021

Windows update breaks SSO event log readers (FSSO, PAN UIA, WG ELM)

Microsoft has released KB5003646 on the 6th of June 2021. Part of this update is a security hardening measurement to align with recommendations as a conclusion out of CVE-2021-31958.

As a known issue of this KB5003646, microsoft has noted in the release notes: «After installing this or later updates, apps accessing event logs on remote devices might be unable to connect.»

This is exactly what is happening on Fortinet FSSO (FSSO with FortiGate, as well as FSSO over the FortiAuthenticator) and Palo Alto Networks User-ID Agent. They are not working anymore after the installation of Update KB5003646.

7. Juli 20207. Juli 2020

FortiClient/PaloAlto Support for Catalina – «legacy system extensions» error

Since a while, the most recent macOS versions the system do report the use of «legacy system extensions» which is often triggered by modules or plugins of low-level software like VPN Clients, AV software etc.

10. Juni 20207. Juli 2020

Websites are not working anymore

Since June 1st you may notice that some websites (https) are not working anymore when Fortigate or the Palo Alto Networks Firewall is doing decryption or certificate inspection. Typically you are getting one of the following error messages:

5,258 total views, 3 views today