Reflection for Secure IT Windows Client 8.0.1

November 2017

Your Reflection for Secure IT Windows Client includes new features, improves usability, and resolves several previous issues.

This service pack improves usability and resolves several previous issues.

Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs.

1.0 Summary

Reflection for Secure IT Windows Client 8.0.1 is available now for new and existing customers. This technical note provides information about how to obtain your update and a list of features and fixes included in the update. This note also includes fixes in Reflection FTP Client 16.0, which is included with Reflection for Secure IT Windows Client. 8.0.1 is cumulative and also applies the features and fixes provided in earlier updates and service packs. For a list of these features and fixes see the following:

For important information regarding security updates and installing Reflection for Secure IT, see Technical Note 2288.

2.0 Obtaining the Update

Maintained customers are eligible to download the latest product releases from the Attachmate Download Library website: For information about logging into and using the Download Library, see Technical Note 0200.

3.0 Supported Platforms

RSIT Win Client 8.0.1 adds support for Windows 10. For further information about platform support in Reflection, see Technical Note 1944.

4.0 Security Fixes

This release includes fixes for the following reported security vulnerabilities. For additional information, see Technical Note 2288.

  • CVE-2015-0204: OpenSSL Client RSA Silent Downgrade Vulnerability

  • CVE-2015-4000: Diffie-Hellman Logjam Vulnerabilities

  • CVE-2015-0289: NULL pointer dereferences

  • CVE-2015-0292: Base64 decode

  • CVE-2016-0705: Double-free in DSA code

  • BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption

  • CVE-2016-0702: Side channel attack on modular exponentiation

  • CVE 2016-2018 – OpenSSL Security Advisory

5.0 Reflection Client for Windows 8.0.1

  • Windows Credentials can now be used for AS400 FTP Sign-On.

  • Command line SFTP only writes the end of a large file listing when the connection is closed.

  • ActivClient 7.0 configured for PKCS#11 is now usable with reflection products.

  • After configuring Client Authentication with "Automatically select client certificate" (the default) chosen, the automatic chooser no longer chooses an expired certificate when a valid certificate exists in the list.

  • The following UTF-8 characters are now drawn correctly: U+25a0, U+203b, U+2234, U+2235, U+2312, U+223d.

  • A problem closing the connection when downloading a large CRL (2 MB) exceeds the connection timeout has been resolved. Previously if the time required to download the CRL exceeded the connection timeout, Reflection lost the connection to the server with an exception error in rssh.exe.

  • The sftp command line client now returns to command prompt after connection timed-out with exit code 84 on Windows 8, Windows Server 2012, and Windows 10.

  • Reflection for Secure IT Windows Client 8.0.1 is now supported on Windows 10.

6.0 Reflection FTP Client 16.0

  • Reflection ftpCOM API IsConnected and LastError properties now return correct status after a Host disconnect event.

  • An issue that could cause the Reflection FTP Client to shut down unexpectedly while transferring a large number of files going to an OpenVMS (Process software) SSH server has been resolved.

  • Connections using SSL/TLS now support DH cipher suites, and no longer support 40-bit and 56-bit cipher suites.

7.0 Legal Notice

For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see

Copyright © 2017 Attachmate Corporation, a Micro Focus company. All Rights Reserved.