Information regarding
LANCOM Advanced VPN Client 2.31
Copyright (c) 2002-2013 LANCOM Systems GmbH, Wuerselen (Germany)
LANCOM Systems GmbH does not take any guarantee and liability for software not developed, manu-factured or distributed by LANCOM Systems GmbH, especially not for shareware and other
extraneous software. LANCOM Systems GmbH Adenauerstrasse 20 / B2 52146 Wuerselen Germany Internet: http://www.lancom.eu 30.01.2013, CBuersch
Table of contents
1. New Features, Changes and History ... 2
LANCOM Advanced VPN Client changes 2.30.0186 ► 2.31.0104... 2
LANCOM Advanced VPN Client changes 2.30.0146 ► 2.30.0186... 2
LANCOM Advanced VPN Client changes 2.30.0075 ► 2.30.0146... 3
LANCOM Advanced VPN Client changes 2.23.0018 ► 2.30.0075... 3
LANCOM Advanced VPN Client changes 2.23.0017 ► 2.23.0018... 4
LANCOM Advanced VPN Client changes 2.22.0044 ► 2.23.0017... 4
1.
New Features, Changes and History
LANCOM Advanced VPN Client changes 2.30.0186
►
2.31.0104
New Features:
Support for Windows 8
Support for accessible usage „High Contrast“
Added manual selection for mobile radio data connection (GPRS/Edge or UMTS/HSPA) under Windows XP and Windows Vista
Connection profiles can be changed for other profile groups via context menu and tray icon, too
Bugfixes / Changes:
Improved hotspot authentication with faulty WLAN connection
The firewall dialogue can be used parallel to other monitor dialogues
LANCOM Advanced VPN Client changes 2.30.0146
►
2.30.0186
New Features:
After standby/hibernate, the automatically established VPN connection can be protected from unauthorized access by a security query.
APN can be determined by means of the SIM card’s NetID automatically
Bugfixes / Changes:
Improvements in UMTS connection establishment with bad radio reception
Improvements when using Seamless Roaming
Improvements in logbook output
After a restart of the registered version the firewall configuration is shown
External applications can be started without specifying the path
Proposal list adjustments
Friendly Net Detection works even if no network connection was established on system boot
Friendly Net Detection can be used even if no static gateway is configured
Special characters can be used within WLAN keys and access data
User login was possibly shown by mistake with automatic connection establishment
Fixed a NAT module bug relating to incoming sessions
Fixed a bug relating to IKEv2 and UDP Encapsulation via port 4500
LANCOM Advanced VPN Client changes 2.30.0075
►
2.30.0146
New Features:
Extended certificate configuration
UMTS configuration extended with LTE
Import for configuration locks extended with profile import/export
Diffie Hellmann groups 15 to 18 can be used for PFS, too
Delayed and thus possibly corrupt data packets can be discarded according to RFC 2064
Bugfixes / Changes:
Seamless roaming connection losses are presented optically
A held VPN tunnel (Seamless Roaming) can be disconnected
Support for *.vbs script files when starting external applications
Hotspot authentication is possible with particular ports, e.g. 8080
A PKI error message does no longer block the minimized VPN monitor
Passwords are transferred when exporting to a network drive
When using Split tunneling, routes are set correctly
Fixed a compatibility issue with „Symantec Network Threat Protection“
LANCOM Advanced VPN Client changes 2.23.0018
►
2.30.0075
New Features:
Seamless Roaming allows further usage of the VPN tunnel, even if the WAN IP has changed (e.g. change from UMTS to WLAN)
Support for Windows 7 Mobile broadband interface for faster data rates
The availability of the internet connection can be checked
A configured proxy can be automatically deactivated when using a hotspot
Support for Diffie Hellman groups 15-18
If a VPN connection is terminated, the WLAN connection can be optionally terminated, too
Optional actions can be achieved due to a friendly net detection
Rules for IPv6 can be configured in the firewall
Bugfixes / Changes:
If a WLAN profile is created via setup wizard, this new profile is used immediately
The WLAN setup wizard offers Hotspot authentication for open WLANs only if the SSIDs are known
LANCOM Advanced VPN Client changes 2.23.0017
►
2.23.0018
Bugfixes / Changes:
A „DLL-Hijacking“ attack is no longer possible
Explanation:
LANCOM Advanced VPN Client turned out to be prone to DLL hijacking attacks. This attack exploits a weakness in executing DLL loading in windows:
If an application loads a DLL using the function „LoadLibrary(ex)“ without using a fully qualified path, the following folders are searched in a predefined order:
1. The application directory (where the application was installed) 2. The system directory
3. The 16 bit system directory 4. The windows directory 5. The current work directory
6. Directories listed in the path variable
A DLL in the work directory of the client monitor with injected malicious code would be able to become active with current user rights. There is no risk for own DLLs located in the installation directory of the LANCOM Advanced VPN Client; these are searched exclusively within the installation path. However, potential risk exists for 3rd-party DLLs, which are only checked for existence by LANCOM Advanced VPN Client.
If a VPN configuration file is loaded (by double click) from a network drive which contains a DLL with malicious code and the Client Monitor is not active at this time, malicious code could be loaded and executed.
LANCOM Advanced VPN Client does ignore the current work directory when reloading DLLs.
This action implies Microsoft Windows XP Service Pack 1 or later, Windows Vista or Windows 7 to be installed.
LANCOM Advanced VPN Client changes 2.22.0044
►
2.23.0017
New Features:
The client now uses a cryptographic algorithm according to the FIPS standard
The embedded cryptography module is certified according to FIPS 140-2 (Certificate #1051)
LANCOM Advanced VPN Client changes 2.20.0033
►
2.22.0044
New Features:
VPN packets are encapsulated in SSL using the VPN Pathfinder
A Pathfinder connection is indicated by an icon
Pathfinder is activated by default if profiles are imported (*.ini files)
Bugfixes / Changes: