Symantec antivirus crashes something again. This time Chrome 78 browsers
Updated on October 29 to add that Google has decided to disable the Chrome's integration of the Microsoft Code Integrity feature to deal with the crashes after three more apps were found to cause the same errors (PC-Matic, PrintAudit, and Palo Alto Traps). Original article below.
TechRepubli
For the fourth time in three months, a Symantec security product is crashing user apps, and this time it's the latest Chrome release, v78, which rolled out earlier this week, on Tuesday, October 22.
According to reports on Reddit [1, 2] the Google support forums [1, 2], and in comments on the official Google Chrome blog, Symantec Endpoint Protection 14 is crashing Chrome 78 instances with an "Aw, Snap! Something went wrong while displaying this webpage." error, as seen in the screenshot above.
Users have been unable to use Chrome 78 at all, according to reports, with the browser refusing to load any web pages.
The errors have been plaguing users for the past two days, with the vast majority of reports coming from enterprise environments, where SEP installs are more prevalent.
While Symantec did not respond to a request for comment from ZDNet, the company did publish a support document admitting the issues.
According to the antivirus maker, the issues are only affecting SEP 14 users on Windows 10 RS1, Windows Server 2012, and Windows Server 2016 operating systems. Symantec users on other OS versions can fix this by updating to the latest SEP 14.2 release.
Users of Microsoft Edge Chromium are also impacted, but the Chromium-based Edge version has not been officially released; hence there are almost no users impacted by this issue in the real world.
The issue of SEP crashing Chrome 78 browsers should have not surprised Symantec staff, who received early warnings about this more than three months ago, according to a bug report filed in early August while Chrome 78 was still in testing in the Canary channel.
Symantec blamed the issue on Microsoft's Code Integrity security feature, which Google uses to protect the Chrome browser process.
As a temporary solution, Symantec recommends that users exclude Chrome from receiving protection from their antivirus product, or modify their Chrome clients, so the browser starts without Code Integrity protections.
However, this opens the browser to various attacks and is not recommended as long as users can simply use another browser until this is fixed.
The instructions for both solutions are detailed in the Symantec support document linked above.
Previous Symantec incidents
This is not the first time that Symantec has borked user systems or their apps. There have been at least three other major incidents in the past three months.
In August, Symantec and Norton antiviruses blocked the new Windows updates signed with the SHA2 algorithm because the products weren't updated to handle the new update scheme, despite Microsoft announcing the changes six months in advance.
Also in August, Symantec Data Loss Prevention crashed Google Chrome 76 browsers on macOS.
Earlier this month, in October, the same SEP antivirus caused Windows 7, 8, and 10 systems to enter a BSOD (Blue Screen of Death) state after receiving the October 2019 Patch Tuesday updates. Some organizations reported having as much as 10,000 systems enter BSODs.