Malwarebytes confirmed today that the Windows 11 22H2 KB5027231 cumulative update released this Patch Tuesday breaks Google Chrome on its customers' systems.
Windows admins and users report that devices are affected by this issue after rolling out yesterday's Windows 11 updates.
While uninstalling the KB5027231 update fixes the issue, admins report that it's not possible to do so via WSUS because of a "catastrophic error."
"Rolled KB5027231 to a bunch of users, and I have Chrome broken everywhere. Attempting to rollback via wusa shows a 'catastrophic error' in the Event Viewer, and WSUS shows I cannot roll this back," one admin said.
"We had about 400 machines get the patch, and definitely not all are running into the issue. I've had maybe 30 issues," the same user said in another comment.
The Google Chrome process is actually running but is prevented from fully launching the application and loading the user interface due to the conflict.
As confirmed by Malwarebytes staff, the issue is caused by Malwarebytes' anti-exploit module blocking Chrome from loading after installing the KB5027231 update.
The company published a support article today confirming the Malwarebytes conflict with Google Chrome after installing the June 2023 Patch Tuesday updates on Windows 11 systems.
"On June 13, 2023, Microsoft's KB5027231 update installed on Windows 11 caused a conflict between Google Chrome and exploit protection, resulting in browser crashes," Malwarebytes said.
Malwarebytes users experiencing issues when launching Google Chrome can toggle off the web browser from the list of protected applications in their Malwarebytes product from Settings > Security tab > Manage protected applications.
Workaround available
The detailed procedure needed to disable Google Chrome as a protected app in Malwarebytes' security settings requires you to:
- Open Malwarebytes on your device.
- On the top right, click the Settings wheel.
- Click the Security tab.
- Under Exploit Protection, click Manage protected applications.
- Toggle off Google Chrome (and plug-ins).
- Click Done.
Malwarebytes advises customers to re-enable app protection for Google Chrome once the issue is resolved in a future update.
Another potential workaround that might help address this issue requires affected users to set Google Chrome as the default browser on their system.
"We're currently experiencing issues with Malwarebytes Exploit Protection and Chrome in Windows 11 where you'll see Chrome crash. We suspect this is happening due to a Windows Update (KB5027231) that was released on June 13, 2023," Malwarebytes VP of Product Michael Sherwood said.
"We're actively troubleshooting this and we'll be back with more info as soon as possible."
A Microsoft spokesperson was not available for comment when contacted by BleepingComputer earlier today.
H/T Zachary
Comments
EndangeredPootisBird - 11 months ago
It's quite worrying that people still pay for their sub-par products.
Hmm888 - 11 months ago
"It's quite worrying that people still pay for their sub-par products."
That's because their products are "recommended" by users and others in forums such as this.
EndangeredPootisBird - 11 months ago
Recommended for it's on-demand scanner, yes, but not it's prenium version that performs worse than even free alternatives.
GT500 - 11 months ago
"It's quite worrying that people still pay for their sub-par products."
You mean Malwarebytes? I use it because I have a lifetime license , and I don't trust Windows Defender. Since I started using it roughly 2 years ago, I've felt that the quality isn't quite what it should be, and it's prone to certain false positives that are mostly understandable.
Wannabetech1 - 11 months ago
It's quite worrying that people still use Windows.
KeiFeR123 - 11 months ago
So what do you suggest people use unless you are just trolling here.
EndangeredPootisBird - 11 months ago
Common sense, obviously. If everyone had it then you would prevent 99.9999% of future malware infections caused by gullible and ignorant people who have zero knowledge in keeping their device secure.
GT500 - 11 months ago
"Common sense, obviously. If everyone had it then you would prevent 99.9999% of future malware infections caused by gullible and ignorant people who have zero knowledge in keeping their device secure."
Malware creators/distributors would just change their tactics, and computers would get infected anyway. They do the bare minimum necessary to spread their malware, and they usually don't bother doing more than that, but they are more than capable of being far more dangerous than they currently are.
As for the need to run Anti-Virus, as someone who worked in the Anti-Virus industry for more than a decade I can assure you that everyone needs to run it no matter how high their technical aptitude. If you don't run Anti-Virus and your computer has not been infected, then it's a sheer fluke, but at the same time I would wonder how you'd even know since you don't run Anti-Virus... Infections don't have to have symptoms after all, so unless you have the technical knowledge to manually check for infections (which most people who think they are safe without Anti-Virus don't) then you would have no clue.
EndangeredPootisBird - 11 months ago
Keep your system and applications up to date, don't open unsolicited links and attachments in unsolicited E-Mail's and IM messages, finally, avoiding software and game cracks will take care of the biggest reason people get infected nowadays. That's common sense for you, that will prevent close to 100% of all malware, if you do that then you don't need an AV.
Also, most malware that target home users don't try to maintain persistence, they simply perform a smash and grab on a users system then terminate and delete themself, so there wont be any "symtoms" anyways. other than all your accounts being compromised at once of course, which is why it's better to just not click "HotSexyNudes.exe", rather than trying trying to discover it in the act, as at that point it's already too late.
GT500 - 11 months ago
"Keep your system and applications up to date, don't open unsolicited links and attachments in unsolicited E-Mail's and IM messages, finally, avoiding software and game cracks will take care of the biggest reason people get infected nowadays. That's common sense for you, that will prevent close to 100% of all malware, if you do that then you don't need an AV."
You forgot about security vulnerabilities and social engineering.
"Also, most malware that target home users don't try to maintain persistence, they simply perform a smash and grab on a users system then terminate and delete themself, so there wont be any "symtoms" anyways. other than all your accounts being compromised at once of course, which is why it's better to just not click "HotSexyNudes.exe", rather than trying trying to discover it in the act, as at that point it's already too late."
Unless you're a malware analyst (which I very much doubt) you aren't qualified to say what most malware does. What most malware does or doesn't do does not necessarily remain consistent over time, so some article or forum post you read years ago doesn't necessarily apply today. The norm changes far more often than you might realize, and while I've been out of the game for a couple of years I can tell you that persistent malware has never been uncommon, and the only common type of infection that didn't usually maintain persistence was crypto ransomware.
Zurv - 11 months ago
We are having issues with chrome here too, but do not use Malwarebytes. We've not worked out a fixed yet. That said, most people use Edge.
We are using SCCM (likely not an issues are that is pretty much just the default windows malware protection and WatchGuard ERD (Panda Security.)
redwolfe_98 - 11 months ago
you can set malwarebytes to not register with the windows security center and then run both windows defender and malwarebytes, together, in realtime.
windows defender is a good program. there is no reason not to trust it. malwarebytes also is good, trusted by many people.
meatwad513 - 11 months ago
We're seeing the same symptom with Cisco Secure Endpoint after the June cumulative Windows updates, and we too narrowed it down to Secure Endpoint's exploit prevention engine.
GenericUsername - 11 months ago
Thanks to Microsoft developers, constantly breaking things with their updates, I am gainfully employed.
KeiFeR123 - 11 months ago
This is why enterprise users don't push Windows update until 6 months later.
Saphira2021 - 11 months ago
Tried to fix my computer and the proposed fix was not relevant as it was already toggled off. And Chrome was the default browser.
What do I do now?
mattShoff - 11 months ago
Something that's been working for us is to open Default Apps and find Chrome in the list, revert all the file association back from Edge to Chrome and Chrome will now launch (previously it would just spin the cursor and not launch at all). Hope this helps others.