-
Version 6.4.2 - January 24, 2008
+ Added support for Windows Server 2008 (32-bit and 64-bit)(February 13, 2008)
* New McAfee anti-virus engine version 5200. All users are encouraged to upgrade. From February 1, 2008 onwards, there will be no further Anti-Virus definition files (DAT files) quality testing with the older engine.
- Live.com was not recognized properly as a search engine
- Fixed occasional false positive P2P detection on legitimate DNS traffic
- Fixed Active Directory mapping timeouts causing delays in user-related operations, authentication, etc...
- Fixed traffic policy rules with unresolvable host names causing blocking of valid DHCP service requests
-
Version 6.4.1 - December 13, 2007
* Connection limit now applied on incoming and outgoing connections separately
- Fixed bug in POP3 inspector causing certain emails being blocked
- Fixed engined crash in on-demand dialing if a certain configuration was imported from KWF 6.3
- Fixed proxy server sometimes not requiring authentication for HTTPS pages
- Fixed engine was not started automatically after clean installation on Windows Vista
- Fixed inability to login to the web interface for users without the 'view statistics' right
- Fixed firewall traffic sometimes being accounted to random hosts
- Fixed broken configuration of automatic hangup after inactivity (please check your settings after upgrade to 6.4.1)
- Fixed displaying of national characters in alerts
- Fixed eTrust plug-in
-
Version 6.4.0 - September 17, 2007
+ User activity logs in StaR
+ Printer ready version of StaR
+ Improved overall throughput performance
+ NAT was made more traversal friendly for VoIP applications
+ Added support for popular dynamic DNS services
+ Added URL based web exclusions from StaR
+ Added support for weekly quotas
+ Added possibility to select users' preferred language
-
Version 6.3.1 - May 30, 2007
* link to Login Page re-added to Deny Page
* Application Layer Gateway is now detected as conflicting service (it caused FTP connections to fail)
* 'Valid On' Traffic Rule setting now always affect all existing connections
* improvements in Web Interface layout in Safari
- VPN traffic may be dropped by Anti-spoofing on server operating systems
- fragmented packets were not handled correctly under certain
circumstances (some connections were blocked)
- antivirus process sometimes refused to use correctly licensed Avast
- antivirus process could crash with NOD32
- fixed crash caused by malformed StaR database file
- RFC non-compliant e-mail could become corrupted by SMTP inspector
- fixed accounting of FTP traffic through proxy server
- traffic histograms were missing in Administration Console
- redirect to website after successful login sometimes failed
- stability of the Administration Console was improved
- it was not possible to enable Clientless SSL-VPN user right in Administration Console without Kerio VPN installed
-
Version 6.3.0 - March 29, 2007
Major new features:
+ Statistics and reporting (StaR)
* Improved overall performance
+ Support for 64 bit systems
+ Support for Windows Vista
* Improved P2P Eliminator
-
Version 6.2.3 - October 12, 2006
+ added support for Internet Explorer 7 to Kerio Clientless SSL-VPN
- fixed corruption of configuration file when incorrect MAC address was entered in DHCP server configuration
(This caused further changes to configuration to be mysteriously lost after reboot.)
- fixed crash when a malformed DNS response is received
- fixed crash when more than 3 custom forward DNS servers were specified
- McAfee now works even if its subscription is expired (without updates though)
- further fixes to video streaming (Amazon Music Sampler)
- fixed malformed reverse DNS queries being incorrectly resolved to valid names
- fixed missing error messages on unresponsive WWW sites
- fixed "user transfer quota exceeded" alert being sent too often
- fixed NOD32 plugin not working for SSL-VPN file transfers
-
Version 6.2.2 - August 7, 2006
+ added TCP MSS altering to work around nonworking PMTU discovery due to blocked ICMP
(this typically fixes nonworking HTTPS pages on PPPoE connections)
* Administration Console now remembers last view in IP Address Groups, DHCP Scopes and Leases, HTTP URL Groups, Time Ranges screens
* cache memory size configuration value has been removed (the best value is now auto-detected)
* the timeout for half-open TCP connections has been decreased
- fixed deadlock in UPnP service if an interface goes up or down
- in SSL-VPN downloaded files are now forced to be saved to disk instead of opened in IE
- fixed creating of huge antivirus temporary files even though size limit was configured
- fixed occasional WinRoute service crashes during system shutdown
- fixed crashing when loading user configuration where no user has administrative rights
- fixed opened Administration Console aborting normal system shutdown
- fixed problem with temporary files occasionally remained on disk after the antivirus scanning
- fixed a potential bug that antivirus process(es) won't start during WinRoute initialization
- fixed national characters handling in the administrative password dialog in the installation wizard
- fixed loading of web pages on nonstandard TCP ports when going through multiple proxies
- fixed nonworking CNN pipeline stream videos
- fixed possibility to remove some interface statistics for some interfaces
- fixed IP addresses for hostnames in the traffic policy not being updated often enough
- fixed old half-closed FTP connections through the firewall sometimes remaining open for very long times
- antivirus scanning failures are now logged into security log
- fixed client FTP connections not being correctly reset if virus was found during the transfer.
- fixed FTP inspector could parse certain (illegal) responses incorrectly causing the affected connection to hang
- fixed bandwidth limiter behaving incorrectly if the IP address group selected there was deleted
- fixed inability to send mail through certain rare servers if TLS transfers are denied by WinRoute
- fixed possible file corruption during antivirus scanning on chunked HTTP connections
- fixed nonworking quarantine storage of infected files found in FTP transfers
- fixed changes to the default SSL web interface TCP port of 4081 not being applied until restart of WinRoute
- user manually imported from AD now have their email addresses imported (affects only newly imported users)
- fixed file and folder icons failures to load when browsing FTP via the HTTP proxy server
Kerio VPN Client 1.2.2
- fixed route to remote network being added to system even if it already exists
-
Kerio VPN Client 1.2.1 - May 4, 2006
- fixed conflict with MS Firewall Client that caused OS crash
-
Version 6.2.1 - May 3, 2006
- fixed service crash in email protocol inspectors
- fixed occasional high CPU usage of the service
- fixed handling of HTTP/0.9 responses
(this caused false positives of binary characters in HTTP headers)
- fixed ignoring traffic policy rules when host names were used
- fixed nonworking Windows Update via proxy server
- fixed monthly rotation of logs
* denial pages no longer use SSL
(this caused unexpected SSL certificate warnings in browsers)
* improved handling of ICMP destination unreachable messages
(this sometimes caused VPN tunnels to stop working)
+ added ability to select custom port for SMTP relay server
-
Version 6.2.0 Patch 1 - April 10, 2006
- fixed service stability issue
-
Version 6.2.0 - March 23, 2006
+ Bandwidth Limiter
+ Dual anti-virus
+ Product registration from the administration console
+ VPN Client now supports 64bit Windows
-
Version 6.1.4 Patch 2 - January 19, 2006
- fixed possible hang and 100% CPU consumption while browsing the web
-
Version 6.1.4 Patch 1 - January 5, 2006
+ added protection against the recent Windows metafiles vulnerability
* updated antivirus plugin for Eset NOD32
- fixed DoS caused by improper data handling in HTML content filtering
- fixed DoS when too long strings are fetched from Active Directory
- fixed engine's inability to start due to improper loading of statistics
- fixed HTML content filtering was sometimes incorrectly activated even if disabled
- fixed application of antivirus scanning rules to certain file names
- improved RTSP protocol inspector compatibility with certain servers
- fixed removal of custom service could sometimes disable related traffic policy rules
-
Version 6.1.4 - January 5, 2006
+ TCP sequence numbers awareness
* ICSA certificate renewed
-
Version 6.1.3 Patch 1 - November 16, 2005
- fixed serious bug in authentication of Active Directory users
-
Version 6.1.3 - November 10, 2005
- fixed possible crash when trying to receive streams from certain RTSP servers
- fixed possible hang when querying AD in some circumstances
- fixed memory leak in Active Directory mapping
- fixed filter errors in Active Directory queries
- fixed possibile successful authentication of users with disabled accounts
- fixed local database users with "@" character in their login name were not able to login
- fixed detection of RRAS demand-dial interfaces
- fixed statistics sometimes showing negative/incorrect values
- bookmarks on the SSL-VPN page are now correctly sorted
- NTLM is now disabled for Opera browser
* the MAC address/vendor database has been updated to be more accurate
* Windows Firewall service is now disabled during the installation due to persisting conflicts
-
Version 6.1.2 - September 7, 2005
+ Russian translation of all user interfaces excluding Administration Console
+ Admin console now warns if a new traffic policy could disconnect it
+ All domain controllers may now be detected automatically
* Windows Update HTTP rule was changed to work with current Windows Update
- Wrong HTTP rules were sometimes applied immediatelly after user login
- Possible crash after deleting user's statistics
- Possible crash when in lack of system resources
- Certain combination of routes to VPN tunnels could cause 100% CPU
- Changing 'VPN Tunnel' to 'VPN Clients' in Traffic Policy could corrupt configuration
- Scripts/ActiveX filtering often corrupted pages
- Newly created group could be assigned wrong rights
- Nested AD groups didn't work properly for primary groups
- Account used to access AD database did not suppor non-ASCII characters
- Quota counter was is not reset at the end of its time interval
- Quota was not applied immediatelly when reached, only after several seconds
- Mail temporary files were sometimes left on disk
- Cannot open folder in SSL-VPN if its name contained an ampersand (&)
- Admin console runtime error when deleting address group
- "Error: function called with invalid parameters" when killing connections
- Changes in configuration of users were not logged into config log
- HTTP log did not log username for all requests
- P2P alert message sometimes showed incorrect ports
- Gzip encoding for HTTP servers in LAN was always turned off
- Parent proxy password was unencrypted in configuration
- VPN was not able to deliver very small fragmented UDP packets
- Hibernation was not allowed even if VPN is not installed
- Sometimes connection failover alert might not be sent
- Alert messages in Spanish and Slovak were displayed as plain text only
- Update checker didn't indicate failures
Changes in Kerio VPN Client:
+ Russian translation
- Autoconnect only works for the first server in advanced mode
- Taskbar notification area messages were incorrectly formatted
-
Version 6.1.1 - July 14, 2005
- fixed possible hang when hostnames are used in policies
- fixed possible crash when changing interface name
- fixed traffic policy corruption with certain interface names
- fixed possible temporary hang while sending messages to users
- fixed authentication of users when installed on a domain controller
- fixed Active Directory mapping problems with nested groups
- fixed Active Directory mapping problems with cross-domain group memership
- fixed authentication of users that are members of groups with national characters in names
-
Version 6.1.0 - June 23, 2005
Major new features:
+ Transparent user mapping in Active Directory domains
+ Support for multiple Active Directory domains
+ Kerio Clientless SSL-VPN
(web-based secure access to network shares in LAN)
+ Customizable routing configuration for VPN tunnels
+ Spanish localization
-
Version 6.0.11 - April 7, 2005
- fixed possible crash in RTSP protocol inspector
- fixed possible crash on systems with more than 64 network interfaces
- fixed several bugs in statistics calcullation
- fixed incorrect logging of broadcast packets in anti-spoofing
- fixed several issues in the remote administration protocol
-
Version 6.0.10 - March 22, 2005
- fixed possible crash when establishing / closing VPN connection (error 10038)
- fixed possible hang of WinRoute service when changing SSL certificate for VPN server
- fixed minor bugs in VPN server
- fixed resource leak in SMTP protocol inspector with unconfigured relay (error 10035)
- fixed collision with running ICF service on Microsoft Windows XP Service Pack 2
- fixed problem with setting user rights for installation directory on startup
- fixed problem with DNS names in traffic rules and address groups
- fixed crash caused by Avast module if it was simultaneusly used in both KWF and KMS
- several minor improvements / bug fixes in SMTP protocol inspector
- several minor bug fixes in Administration Console
+ protection of firewall host against Land attack packets
* improved antivirus scanning of files being download using download managers
-
Version 6.0.9 - December 9, 2004
- fixed posibility to poison DNS cache
- fixed possible CPU/memory DoS in SMTP inspector
- reduced access rights to WinRoute's directory
- fixed handling of HEAD method in HTTP proxy server
- fixed bad date in file names quarantine directory
- blocking and logging of P2P traffic is now more accurate
- invalid domain name in NT import no longer display local users
- administration console now checks passwords for maximum length
- administration console now behaves correctly if connection to the engine is lost
- fixed up&down arrow buttons in Antivirus/HTTP scanning rules
- transferred data for multimedia streams are now displayed correctly
* improved logging of ISS orange filter categorization failures
* removed SMTP NOTIFY extension from alert emails
+ SCCP (Cisco Skinny) protocol inspector now correctly handles conferrence calls
+ added ability to highlight certain lines of logs
+ support for hibernation (if VPN is not installed)
-
Version 6.0.8 - November 4, 2004
- fixed nonfunctional user accounts that were imported from WinRoute Pro 4.x in the past
-
Version 6.0.7 - November 4, 2004
* passwords for local users are now stored using stronger encryption
* workaround for strange behavior of IE back button when dropping HTTP
requests (e.g. ad-blocking HTTP rule is enabled)
- fixed some HTTP and FTP rules not working randlomly
- fixed non-working HTTP and Web log in upgraded installations
- fixed FTP handling when configured to use parent proxy
- VPN routes marked as 'unknown' no longer remain in the routing table
- fixed possibility to edit int16 type options in DHCP server
- fixed support for more than 255 routes in VPN
- fixed crash of administration console in Status/Interfaces screen
- actual traffic is now displayed correctly in statistics
- fixed character coding in slovak version of web interface
-
Version 6.0.6 - October 5, 2004
+ HTTP, FTP, SMTP and POP3 insplectors now check JPEG files against the recent GDIPLUS.DLL vulnerability
* Cobion OrangeFilter has been renamed to "ISS OrangeWeb Filter", functionality remains the same
- fixed hanging of WinRoute service in DNS resolver
- zero quotas are no longer ignored
- fixed editing of inbound policy in the traffic wizard
- alert whan hanging up failover RAS line now displays line name correctly
- fixed blocked communication after boot if Windows Firewall is detected on Windows XP SP2
- fixed handling of messages in SIP protocol inspection
-
Version 6.0.5 - September 22, 2004
+ VPN clients can now be configured with custom IP routes
+ VPN clients can now be assigned fixed IP addresses
+ resizeable traffic histograms
* improved routing table screen in administration console
- fixed conflict with 3rd party applications that install custom layered service providers
- fixed boot problem on Windows 2000
- fixed handling of emails sent as attachment
- fixed transfer rate bug in traffic histograms
- fixed automatic login for IP address groups
- denying of unscannable or corrupted files now works correctly
- fixed blinking of text in logs
- SSL certificates with national characters are now displayed correctly
- fixed false installer complaint about WinRoute Pro being installed
-
Version 6.0.4 - August 19, 2004
- fixed dropping of NAT connections when user logs in or out
-
Version 6.0.3 - August 17, 2004
+ support for Windows Security Center in Windows XP SP2
- fixed incorrect handling of TLS-secured POP3 and SMTP
- dates in alert emails are now properly formated
- traffic rules with interface source no longer permit packets from firewall
- fixed file name matching in ftp policy when using MS IE as client
- "Error: function called with invalid parameters" no longer appears when clearing a log
-
Version 6.0.2 - August 10, 2004
+ possibility to specify file size limit for antivirus
+ possibility to duplicate rule in HTTP/FTP policy
+ firewall can be excluded from quota actions
* address group can be used for user automatic login
* several minor improvements in administration console
- fixed several bugs in SMTP protocol inspector and antivirus
- fixed memory leak if DNS forwarder was disabled
- fixed non working proxy if DNS forwarder was not configured
- fixed crash when removing DHCP scope exclusion
- fixed bug in SIP inspector
- fixed minor bug in IRC protocol inspector
- installer sometimes failed to update Kerio VPN Adapter driver and returned error 0x80070103 - fixed
- Kerio VPN adapter sometimes lost it's primary IP address - fixed
- authentication method for user imported manually from NT domain is now correctly set
- fixed non working automatic login from firewall host
Changes in Kerio VPN Client since 1.0.0:
- configuration was not saved sometimes - fixed
- "SSL error 0/5" during connection establishment replaced with more specific message
-
Version 6.0.1 - June 23, 2004
- fixed 100% CPU ussage on Windows servers with DNS system service enabled
- fixed DNS forwarder on Windows Server 2003 (error 4507:10013)
- fixed handling of STLS command in POP3 protocol inspector
- proxy server now works if DNS forwarder is disabled
- proxy server now does not always require NTLM authentication
- authenticating via proxy server no longer sometimes ends with a blank page
- VPN server no longer stops working when the system is under heavy load
- deleting interface no longer changes traffic rules which refer it to 'any'
- fixed crash of administration console in interface statistics
- fixed ability to edit network interfaces when VPN is not installed
- fixed disappearing of settings in the AD/NT authentication screen
- fixed wrong sorting of antivirus rules for HTTP/FTP
- log rotation is no longer grayed out when set to keep 0 files
- the number of consumed licenses is now displayed also for trial license
-
Version 6.0.0 - June 7, 2004
+ Integrated client/server and server-to-server VPN solution
+ Alerts and notifications
+ Antivirus protection for emails (POP3 and SMTP)
+ Improved realtime user monitoring and traffic statistics
+ P2P Eliminator - universal P2P blocking
+ Support for VisNetic Antivirus Plug-in 4
KWF home page
