Windows 11 KB5027231 also breaks Chrome for Cisco, WatchGuard EDR users


The Windows 11 22H2 KB5027231 cumulative update released during this month’s Patch Tuesday also breaks Google Chrome on systems protected by Cisco and WatchGuard EDR and antivirus solutions.

As BleepingComputer reported on Wednesday, Windows admins and users report having issues launching the web browser after installing the KB5027231 Windows 11 updates.

Even though uninstalling the buggy Windows 11 update should fix the issue, Windows admins who tried it report that it’s impossible via WSUS due to a “catastrophic error.”

“Rolled KB5027231 to a bunch of users, and I have Chrome broken everywhere. Attempting to rollback via wusa shows a ‘catastrophic error’ in the Event Viewer, and WSUS shows I cannot roll this back,” one Windows admin said.

Malwarebytes has already confirmed that this known issue affects customers using its anti-malware products because of an anti-exploit module issue and advised affected users to disable Google Chrome as a protected app.

“On June 13, 2023, Microsoft’s KB5027231 update installed on Windows 11 caused a conflict between Google Chrome and exploit protection, resulting in browser crashes,” Malwarebytes said.

Even though impacted users will not see Google Chrome’s interface after attempting to open the app, the process is running in the background but will not load the user interface due to the conflict.

Chrome process running in background
Chrome process running in the background (BleepingComputer)

Cisco and WatchGuard users also having issues launching Chrome

​Starting Wednesday, WatchGuard and Cisco Secure Endpoint users have also begun reporting that Google Chrome will not launch after deploying the June 2023 Patch Tuesday cumulative updates.

“We deploy Secure Endpoint 8.1.7 to our few thousand devices, and we started getting a mountain of reports this morning that Google Chrome would not appear on the screen after attempting to open it,” one admin said.

“With a little trial & error, I found that killing the Secure Endpoint service or uninstalling Secure Endpoint will allow Chrome to open again.”

Based on user reports, Cisco Secure Endpoint’s Exploit Prevention engine is also the module blocking the web browser from launching.

WatchGuard staff also confirmed on Friday that Google Chrome wouldn’t open on Windows 11 after installing KB5027231 if anti-exploit protection is enabled in the company’s Endpoint Security software.

Cisco and WatchGuard customers are advised to disable anti-exploit protection from their security software’s settings or set Chrome as the default web browser from Settings > Select Default Browser.

Another potential workaround that might help address this issue requires affected users to set Google Chrome as the default browser on their system.

Microsoft and Cisco spokespersons were not available for comment when contacted by BleepingComputer earlier for more details regarding this issue.



Source link