Documentation Index

Fetch the complete documentation index at: https://support.appgate.com/llms.txt

Use this file to discover all available pages before exploring further.

6.7.2 Client

Prev Next

Released June X, 2026

Updates

  • Fixed a stability issue where the AppGate driver service could crash when it received malformed JSON-RPC data on the deploy control channel. The service now handles unexpected or invalid control data gracefully without terminating.

  • The client now supports QUIC for the signal channel used during NAT traversal. In network environments where UDP and TCP traffic are routed through different paths, this improves connection reliability.

  • Addressed a security issue where the desktop client's local communication channel could be accessed without proper authentication.

  • Fixed an issue in which clients using NAT traversal failed to reconnect when receiving certificate errors during the initial direct connection attempt.

  • WolfSSL was updated to version 5.9.1.

  • Resolved an issue in which bulk transfers over QUIC would stall.

Windows

  • Fixed a security vulnerability where specially-crafted SMB or SSH links could be used to execute unauthorized commands. The client now applies stricter validation to protocol handler URLs.

  • Addressed a security vulnerability where the update service could be triggered by unauthorized local processes. The update service now restricts access to authorized callers only.

  • Removed the usage of the PowerShell API as it took a long time to complete when removing DNS rules.

  • Fixed an issue where Windows Hello registered itself but could not authenticate as a FIDO2 device.

  • Addressed an issue in which invalid JSON in the config.json file caused installations to fail.

iOS

  • Fixed an issue where the client failed to start when launched from a URL link.

Android

  • Android Auto has been excluded from the VPN.

  • Fixed a security issue where Android authentication callbacks could be intercepted by other apps on the device.

macOS

  • Added security checks that allow only processes to connect to the AppGate tunnel when the process was started by the currently logged-in user.

  • System administrators can now control which local users are permitted to manage the VPN using the new optional ListenerGroup configuration parameter, providing an additional layer of local access control.

Linux

  • Added security checks that allow only processes to connect to the AppGate tunnel when:

    • The process was started by the currently logged-in user.

    • No dynamic linker environment variables are detected.

  • System administrators can now control which local users are permitted to manage the VPN using the new optional ListenerGroup configuration parameter, providing an additional layer of local access control.