Check Point has issued an alert announcing that certain versions of the VPN client may stop working from January 1, 2021. Taking into account the criticality of this situation, we advise that the necessary actions be taken in a timely manner.
The problem communicated by Check Point affects Endpoint/VPN and Sandblast Agent – which are not officially supported by Check Point – as of the next January 1st.
This incident is due to an application’s internal certificate which expires on that date and which is used to validate the software itself, so some older clients who check this certificate after machine boot/reboot should start to fail with the error message “Connectivity with the Check Point Endpoint Security service is lost”.
What are the affected products?
Versions:
- Standalone VPN clients (only “Endpoint Security”), from E80.81 to E81.10;
- SandBlast Agent, from E80.61 to E81.10.
Operating Systems:
- Windows 7 and 10;
- (Windows XP and MacOS are not affected).
How to validate if this version is being used within the organization?
In Central Management: SmarLog > query for
action:”Log In” AND (“Endpoint Security”) AND (E80.81 or E80.82 or E80.83 or E80.84 or E80.85 or E80.86 or E80.87 or E80.88 or E80.89 or E80.90 or E80.92 or E80.94 or E80.95 or E80.96 or E80.97 or E81.00 or E81.10)
On the client side: right click on the client > icon help > about
What is the recommended solution?
- Update to a version E81.20 or higher (ideally E84.00, as it is the current version recommended by Checkpoint) – Endpoint Security E84.00 available here;
- Patch installation [de 2MB] made available by Checkpoint on machines with the version in question (it is not necessary to reboot the machine if it is applied before January 1st, from this date it will be necessary to reboot and it can be executed automatically during the patch application) – available here.
For more detailed information on this subject, you can consult sk171213, which continues to be constantly updated, here.
Warpcom provides specialized Cybersecurity & Public Safety services that can help in the analysis and definition of mitigation actions for this situation in your organization. If you want help or further clarification, talk to us!
Bruno Gonçalves,
Business Unit Manager – Cybersecurity & Public Safety