- Sep 5, 2017
- 1,168
Google Chrome updated to version 78 a few days ago and some users have been experiencing "Aw, Snap!" crashes instead of the promised features.
This disruption occurs when launching the web browser on systems with an outdated version of Symantec Endpoint Protection (SEP).
Incompatibility problem
Since the release of the newest Google Chrome on Tuesday, a large number of users started to complain that they could not use it.
When starting Chrome, users would see the "Aw Snap!" message specific to a page crash.
Most of the reports came from users that did not have the latest version of Symantec Endpoint Protection installed. An investigation from both Google and Symantec confirmed this to be true.
In a blog post on Thursday, Symantec explains that the problem is an incompatibility between the Application Control technology in its product and Microsoft's Code Integrity feature enabled in Chrome browser.
Microsoft Edge Chromium is also impacted by this issue but the browser has not been officially released so the user base affected is limited.
The solutions
Symantec details that systems affected by this problem are Windows Server 2012, 2016, and Windows 10 RS1 with any version of SEP installed.
Any other Windows operating systems running a version of SEP older than 14.2 are also impacted. On these, updating to the latest SEP should fix the issue.
A workaround exists for all other cases and it consists of adding an Application Control exception for the Google Chrome and Microsoft Edge Chromium executables (Chrome.exe and MSEdge.exe).
An alternative to this is to run Chrome with the Code Integrity feature disabled, which can be achieved in two ways:
Chrome.exe –disable-features=RendererCodeIntegrity
or by setting a registry key to 0:
Key: HKLM\Software\Policies\Google\Chrome
Name: RendererCodeIntegrityEnabled
Type: DWORD (32-bit)
Value: 0
Since a swarm of users reported the "Aw Snap!" crash problem, Google investigated as well, its conclusion being that an update to SEP 14.2 or above would do away with the incompatibility.
Disabling the protection in Chrome through the RendererCodeIntegrityEnabled policy in the browser is listed as a solution, too, albeit not a recommended one because it's purpose is to protect the browser process.
Some users already reported that updating SEP to the latest version allowed them to use Google Chrome as before.