Hi, Few hours ago Google released Update 78 for Chrome and since then it's seems to be broken for symantec endpoint protection users.
The problem is you can't load any pages, You will get "Aw, Snap" Error.
The workaround I found was to launch chrome with no sandbox:
Anyone know a permanent solution?
My symantec endpoint protection version is 14.0 MP1
So I found this article from symantec:
We are seeing this on our Endpoints. It seems if the client was upgraded from an older version to the latest (14.2.4814.1101) it still doesnt work. But a clean install of the latest does not have issues.
From what I can tell LTSB 1607 is being treated like Server 2016. Makes sense. Even the latest SEP build doesn't work and we have to enter the Application control exception
For OS other than Windows Server 2016 this is fixed in SEP 14.2 or later (released May 2019).
If upgrading SEP is not an option, or the OS is Windows Server 2016, the incompatibility can be worked around by adding an Application Control exception for Chrome (Chrome.exe) and/or Microsoft Edge Chromium (MSEdge.exe).
Run your command prompt as admin
Copy paste command in command prompt
REG ADD "HKLM\Software\Policies\Google\Chrome" /v RendererCodeIntegrityEnabled /t REG_DWORD /d 0
I just read where someone said if you rename the chrome.exe file (for example, chrom.exe), then Chrome would work. I just tried it and it works. Why in the world does this work?
I've added an Application Exception in my client policy acording to these instructions, https://support.symantec.com/us/en/article.tech256047.html, but my endpoints are still getting the Chrome error. This "solution" doesn't seem to work.
This is the article that resolved my issue. It updated my client from v14.0 to v14.2.
I hope this help
Note: For my 64-bit Windows I had selected the zip file: Sep64_T0_1031_EN.zip. This archive contains 24 .exe, choose the one for your build. My build was 2349.
This command is working. What that command means? Can please explain.
I added a file exception for C:\Program Files (x86)\Google\Chrome\Application\chrome.exe and checked only Application Control (but not Sonar/Security Risk) and it works. Even if you have already updated and facing the error message.
Does anybody know if it is a security risk to exclude the chrome.exe from Application and Device Control. I'm a bit unsure if it is a good idea to exlude Chrome.exe even only for Application and Device Control.
Maybe I'm not the only person asking this question and maybe someone has found an answer?
I use SEP at my station Just put Configure Firewall Rulles
all incoming block
and at Change Setting
Allow only aplication traffic
and for ask
Prompt before allowong aplication traffic
Curent clinet version is