What’s New in AV Engine 5.355

What’s New in AV Engine 5.355

New features

  • Support for opening ACE, ISO, and CRX compression formats. l New Content Disarm and Reconstruction (CDR) feature. l Script checksum support for HTML files.
  • Support for hidden zlib files in Object Linking and Embedding (OLE) content. l New scan timeout control framework.

Enhancements

  • Content Pattern Recognition Language (CPRL) signature runtime performance improvements. l Win32 emulator optimization. l APK and ZIP decompression optimization. l Accelerated checksum calculation.
  • File typing supports more file types including Dotnet, CHM, Mach-O, DMG and XAR, and RTF. l Script file typing improvements.

AV Engine for FortiOS and FortiAP-S Release Notes                                                                                             5

Fortinet Technologies Inc.

Fortinet Product Support                                                                                         Product Integration and Support

Product Integration and Support

Fortinet Product Support

The following table lists AV engine product integration and support information:

FortiOS 5.4.0 and later

5.6.0 and later

FortiAP-S 5.4.0 and later

5.6.0 and later

6                                                                                             AV Engine for FortiOS and FortiAP-S Release Notes

Fortinet Technologies Inc.

Resolved Issues                                                                                                                                   AV engine

Resolved Issues

The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Customer Service & Support.

AV engine

Bug ID Description
453487 Add support for gzip files with flag’s reserved bits set
453982 Apply more signatures on RTF files.
413069 Fixed a crash in the JS emulator.
421545 Fixed a signature loading failure bug on FortiOS SOC3 platforms.
  Fixed potential memory issues found by fuzzing in GZIP, CAB and HTML parsing.
413625 Fixed Win32Emulator performance down bug.
  Fixed memory leaks and overflows in pyarch, sis, and rar decompression.
  Fixed potential memory bugs in autoit, arj and aspack decompression.
440519 Flag UPX as archive bomb if the decompressed size is 100 times greater than original file size.
  Fixed AV engine X86_64 crash on Windows 10 build 1703.

FortiOS

Bug ID Description
467820 Fixed missing file names for RAR v5.0.
458192 MSI and KGB file types are now on the list to be sent to FortiSandbox as potentially suspicious files.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Leave a Reply

Name *
Email *
Website

This site uses Akismet to reduce spam. Learn how your comment data is processed.