The authenticating problem affects all Chromium browsers

Jul 17, 2020 10:43 GMT  ·  By

Security company Sophos recommends customers using the Sophos Authentication for Thin Clients, or SATC, to delay the update to the latest version of Google Chrome and Microsoft Edge due to authentication issues.

In a tech support document published earlier this month and spotted by Gunther Born, Sophos says that the problem can be encountered with any browser that is based on Chromium, so the company recommends users to either stick with the previous version or just switch to Firefox.

“Sophos recommends that customers do not update to version 84 of Google Chrome or Microsoft Edge at this time. Sophos also recommends that customers consider using Firefox as an alternative, as it will still function correctly with the SATC agent,” the security vendor says, adding that a replacement for the current agent is already in the works, and it’s projected to go live later this year.

The workarounds

For now, however, users are recommended to avoid updating their Chromium browsers to the latest versions, and if the update was already installed, to downgrade to version 83 or just switch to Firefox.

Additionally, Sophos says that customers can enable the “Runs network service in-process” flag in Chromium browsers to be able to authenticate via SATC after the update.

“Win32 API code injection is how SATC operates. When a 3rd party SSO firewall client is hooked into the Win32 API network stack to detect the user of each TCP connection for firewall authentication, the user's TCP connection requests that originated from their Chrome browser are no longer detected by the firewall SSO client. Since Chrome no longer uses the Win32 network stack, subsequent TCP connections are not authenticated properly and will fail to traverse the firewall,” Sophos explains.

Sophos says it’ll share more information on the release date of its SATC agent replacement “as soon as possible.”