Strange behavior after updating Microsoft Edge to Version 110

[Tonyset 4]

Hello, how from title after updating Edge this morning to version 110, edge crashed and closed by itself , after various solutions I discovered that if I reactivate the option of ESS "Protect all browsers" then Edge works and does not freeze, however if I turn off  option, edge does not work and freezes . There's something wrong with the latest version of Edge and ESS. Some users have had the same problem?

Regards

[itman 1,659]

No problem here using Edge ver. 110 and ESSP with Protect all browsers option disabled on Win 10 22H2.

Are you running Win 11?

[Mr_Frog 14]

Glad to know that I'm not the only one haha. For me only disabling Banking and Payment Protection to fixed the crash problem of Edge Browser. Today the same behavior is happening in Chrome, but Edge is the most affected. When opening Edge in a flash or about 10 seconds it will be close itself.

Edited February 11, 2023 by Mr_Frog

[Mr_Frog 14]

1 hour ago, itman said:

Are you running Win 11?

Looks like its not about OS Version. Im on Win 10 22H2 Pro x64.

[itman 1,659]

4 hours ago, Mr_Frog said:

For me only disabling Banking and Payment Protection to fixed the crash problem of Edge Browser

Actually in the OP's case, the reverse is true:

8 hours ago, Tonyset said:

I discovered that if I reactivate the option of ESS "Protect all browsers" then Edge works and does not freeze

Inconsistent behavior like this points to Secure all browser protection per se is not the base source of these issues.

There currently is a major issue with old Intel graphics drivers borking DirectX processing in Windows 10/11: https://www.bleepingcomputer.com/news/microsoft/microsoft-says-intel-driver-bug-crashes-apps-on-windows-pcs/ , tracking back to 11/2022 Win update.

Edited February 11, 2023 by itman

[stackz 112]

It's "Enable protected website redirection" that causes it.

[Tonyset 4]

15 hours ago, itman said:

No problem here using Edge ver. 110 and ESSP with Protect all browsers option disabled on Win 10 22H2.

Are you running Win 11?

Yes , win 11 home Build  22621.1194

It seems strange but as soon as I updated edge to version 110 it freezes and closes and even stranger if active "Protect all browsers" Edge works.

Regards

[Tonyset 4]

11 hours ago, itman said:

Actually in the OP's case, the reverse is true:

Inconsistent behavior like this points to Secure all browser protection per se is not the base source of these issues.

There currently is a major issue with old Intel graphics drivers borking DirectX processing in Windows 10/11: https://www.bleepingcomputer.com/news/microsoft/microsoft-says-intel-driver-bug-crashes-apps-on-windows-pcs/ , tracking back to 11/2022 Win update.

Hello, I have the latest version of Intel driver Intel® Graphics Driver 31.0.101.2115

[Tonyset 4]

Update: I uninstalled ESS and Microsoft Edge does not crash and works perfectly. So there is some incompatibility with the latest version of Edge and ESS.
Later I will reinstall ESS and let you know if anything changes.

Regards

[Tonyset 4]

I reinstalled ESS and the problem immediately recurred when I disabled "Protect all browsers".
Here are the dump files

Regards

essp_logs.zip

[Tonyset 4]

11 hours ago, stackz said:

It's "Enable protected website redirection" that causes it.

Yes, you are right, disabling it, edge works with or without "Protect all browsers", but the problem remains.

Regards

[secured2k 2]

I have the same issue with the business product, ESET Endpoint Security 10.0.2034. 

I attached a debugger and found the crash appears with an ESET module, "eOppMonitor". This module appears to be associated with web filtering (Enable Application Protocol Content Filtering).

 

Possible options until it is fixed with an update:

• Turn off the filtering feature.
• Revert to Edge 109
• Enable web filtering (Including TLS) exceptions for affected applications like msedge.exe
• Enable Secure browser for all browser windows (this appears to load the browser in a VM and somehow avoids the crash.

Technical:

ExceptionAddress: 00007ff994a6f0f8 (msedge!prerender::NoStatePrefetchManager::StartPrefetchingWithPreconnectFallback+0x000000000000039c)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000001
   Parameter[1]: 000000000000001a
Attempt to write to address 000000000000001a

FAULTING_THREAD:  00002e2c

PROCESS_NAME:  msedge.exe

IMAGE_VERSION:  110.0.1587.41

IMAGE_NAME:  msedge.dll

FAILURE_BUCKET_ID:  NULL_CLASS_PTR_WRITE_c0000005_msedge.dll!prerender::NoStatePrefetchManager::StartPrefetchingWithPreconnectFallback

OS_VERSION:  10.0.22621.1

BUILDLAB_STR:  ni_release

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

SYMBOL_NAME:  msedge!prerender::NoStatePrefetchManager::StartPrefetchingWithPreconnectFallback+39c

MODULE_NAME: msedge

00000083`f2bfde60 00007ffa`3d617a4a     : 00000083`f2bfe048 00000083`f2bfe048 00000000`0000001c 80000000`00000020 : msedge!prerender::NoStatePrefetchManager::StartPrefetchingWithPreconnectFallback+0x39c
00000083`f2bfdfa0 00007ff9`982b512e     : 00000083`f2bfe140 00000000`00000001 00000083`f2bfe238 0000339c`0e5a94c0 : eOppMonitor+0x17a4a
00000083`f2bfe000 00007ff9`93b271f1     : 00000000`00000000 00007ff9`93b27165 00007ff9`9cf1c582 00007ff9`9d38165c : msedge!prerender::NoStatePrefetchManager::AddPrerenderForNtp+0x140
00000083`f2bfe210 00007ff9`936b4f3a     : 00000000`00000000 00000000`00000000 0000339c`08393bf0 00000449`bc10f6c0 : msedge!prerender::PrerenderNtpManager::AddPrerenderInternal+0x71
00000083`f2bfe260 00007ff9`924301ac     : aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa : msedge!IdleManager::NotifyIdleStateChanged+0x12a
00000083`f2bfe320 00007ff9`915a0477     : aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa : msedge!base::RepeatingTimer::RunUserTask+0x4c
00000083`f2bfe350 00007ff9`909a451e     : aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa : msedge!base::internal::DelayTimerBase::OnScheduledTaskInvoked+0x37
00000083`f2bfe390 00007ff9`909a1fe6     : 00000000`00000001 00000083`f230a000 00000000`00000001 00007ffa`59b578c8 : msedge!base::TaskAnnotator::RunTaskImpl+0x1ee
00000083`f2bfe4e0 00007ff9`909b67e7     : aaaaaaaa`aaaaaaaa 00005dec`00222b01 00005dec`00278500 00005dec`00278500 : msedge!base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl+0x666
00000083`f2bfe7d0 00007ff9`92091792     : 00000083`f2bfebd8 0000006d`c2f2e8a7 0000c360`c58e64e3 00000000`00000001 : msedge!base::MessagePumpForUI::DoRunLoop+0x857
00000083`f2bfeb50 00007ff9`92a38020     : 00005dec`00238320 00000083`f2bfecf0 00000083`f2bfed98 00007ff9`912bb7e3 : msedge!base::MessagePumpWin::Run+0x82
00000083`f2bfebb0 00007ff9`9288bdd3     : 00000000`00000000 00000000`00000178 00000083`0000002f 0000c360`c58e63d3 : msedge!base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run+0x100
00000083`f2bfec40 00007ff9`92736ae0     : 00000000`00000000 00000000`00000000 00000000`00000000 0000006d`c2f2e898 : msedge!base::RunLoop::Run+0x143
00000083`f2bfed70 00007ff9`927367b9     : 00000083`f2bfef20 00007ff9`929f9b40 0000339c`00034088 00000000`0000001c : msedge!content::BrowserMainLoop::RunMainMessageLoop+0x9a
00000083`f2bfede0 00007ff9`927360a9     : 00000000`00000000 00007ff9`9d399218 00000000`00000018 00000000`00000000 : msedge!content::BrowserMain+0xa4
00000083`f2bfee90 00007ff9`927355e8     : aaaaaaaa`aaaaaaaa 0000aaaa`aaaaaaaa 00007ff9`9c725790 00007ff6`00000001 : msedge!content::RunBrowserProcessMain+0xd2
00000083`f2bfef90 00007ff9`926e593a     : 00000083`f2bff140 00007ff9`926e422c 00000000`001e001c 0000027d`862473b0 : msedge!content::ContentMainRunnerImpl::RunBrowser+0x4be
00000083`f2bff0f0 00007ff9`926e4dd1     : 00005dec`00238320 0000c360`c58e7e63 aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa : msedge!content::ContentMainRunnerImpl::Run+0x31a
00000083`f2bff230 00007ff9`926e3445     : 00007ff6`219c0000 00006ebc`0027c140 00000083`f2bff530 0000027d`86204d60 : msedge!content::ContentMain+0x21f
00000083`f2bff450 00007ff6`21a7f5c8     : 00007ff6`21cd05a0 00007ff9`926e31a0 00000000`21cd0500 00006ebc`002702a0 : msedge!ChromeMain+0x2a5
00000083`f2bff630 00007ff6`21a7c623     : 00000000`0027c100 aaaaaaaa`aaaaaaaa 00006ebc`0027c140 0000006d`c2e4ee52 : msedge_exe!MainDllLoader::Launch+0x392
00000083`f2bff8c0 00007ff6`21b3aee2     : 00000000`00000000 00007ff6`21b3af59 00000000`00000000 00000000`00000000 : msedge_exe!wWinMain+0x468
00000083`f2bffdc0 00007ffa`59cf26bd     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msedge_exe!__scrt_common_main_seh+0x106
00000083`f2bffe00 00007ffa`5b08dfb8     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : KERNEL32!BaseThreadInitThunk+0x1d
00000083`f2bffe30 00000000`00000000     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x28

 

[secured2k 2]

Further testing found the issue is something in the new update for Edge may be trying to query or access sites ESET considers a secure banking or payment site. ESET detects the attempt and tries to read the website that was opened in a tab, but since the website was not in a tab/address bar, no data is presented to the programs - which results in a crash. This also could be ESET trying to close the Edge browser window that needed to be redirected but also does not exist.

It looks like the product needs some improvement with compatibility with whatever Edge/Chromium is doing now as well as some additional validation (corrected coding/programming) to prevent redirection failure.

The current work around is to disable the Automatic Redirection if enabled under the Secure browser settings. See the image below from ESET Endpoint Security, under Web and Email, Secure Browser Settings. Note: The list is maintained by ESET so it may be possible for them to fix or disable the feature in an automatic module update (Secure Browser module, v1294, Jan 10, 2023).

 

Edited February 12, 2023 by secured2k

[itman 1,659]

A few clarifications here.

As I posted previously: https://forum.eset.com/topic/35395-strange-behavior-after-updating-microsoft-edge-to-version-110/?do=findComment&comment=162853 , I had no issues running Edge ver. 110 with the Secure all browsers option disabled. As far as I am concerned, this is the work around to this problem. Actually, it is the permanent work around to all the problems this feature has caused to date.

[secured2k 2]

Yes, disabling Secure Brower features would be a work-around but disables the option to use the feature entirely. For the recent Microsoft Edge 110 update, the minimal fix is to disable just the website redirection option. There was no issue on the previous 109 versions so this is a common programming/compatibility issue.

 

The feature has worked well for what it does - a virtualized/sandboxed container and/or enhanced HIPS restrictions on memory/processes. Those with high end hardware and licensing for Windows (Pro/Enterprise) can use Application Guard to get similar (or better) protections as well. In Enterprise, high security environments sandbox everything and only allows for specific exceptions IT Admins set. I think ESET needs to document to normal users that the higher level of security does come at the cost of convenience - so it is expected that some copy/paste, printing, saving, extensions, etc. will not work as smoothly. Then they could go as far as showing simple attacks (malware and keyloggers) not working in the secured container vs non-secured application.

However, most home users don't know or don't care. They assume things are secure enough rather than using a multilayered approach.

[Tonyset 4]

8 hours ago, secured2k said:

Yes, disabling Secure Brower features would be a work-around but disables the option to use the feature entirely. For the recent Microsoft Edge 110 update, the minimal fix is to disable just the website redirection option. There was no issue on the previous 109 versions so this is a common programming/compatibility issue.

 

Certainly to disable"Enable protected website redirection" is a temporary solution waiting for Eset to solve the problem, however using the built-in Protected Browser in ESS you are still protected for banking transactions, etc.

Regards

Edited February 13, 2023 by Tonyset

[peteyt 393]

5 minutes ago, Tonyset said:

Certainly to disable"Enable protected website redirection" is a temporary solution waiting for Eset to solve the problem, however using the built-in Protected Browser in ESS you are still protected.

Regards

It might be worth also emailing your findings if you have not done so as I know Eset prefers this over the forum. I've not seen anyone from Eset address this on here but will tag @Marcosin as they may have just missed this 

[Peter Randziak 1,130]

Hello guys,

The dev team is on it.

I can confirm that we see multiple reports of the issue, but the scenario does lead to crash in all cases.

I’m unable to reproduce it with MS Edge 110.0.1587.41 myself.

I can confirm that as of now it seems to be an issue with the Protected websites redirection feature.

[Peter Randziak 1,130]

The dev team decided to disable Protected websites redirection feature for Chrome and MS Edge browsers, until the issue is resolved in order to prevent the browsers crashes.
The change will be distributed via an Rapid response module update (probably with version 21778).
After the automatic update, the Chrome and MS Edge won't crash anymore, but the Protected websites redirection feature will not work until we release the full fix.

Disabling the Protected websites redirection feature resolves the issue.

Another way to resolve the issue is to use the Secure all browsers option.
We apologize for the inconvenience caused by this issue.

[Maege 0]

3 hours ago, Peter Randziak said:

The dev team decided to disable Protected websites redirection feature for Chrome and MS Edge browsers, until the issue is resolved in order to prevent the browsers crashes.
The change will be distributed via an Rapid response module update (probably with version 21778).
After the automatic update, the Chrome and MS Edge won't crash anymore, but the Protected websites redirection feature will not work until we release the full fix.

Disabling the Protected websites redirection feature resolves the issue.

Another way to resolve the issue is to use the Secure all browsers option.
We apologize for the inconvenience caused by this issue.

Hi,

thanks for the clarification here in the forum.

Does ESET have some newsletter or feed to subscribe to get informed about that type of issues?

It would do our work much easier if we do not need to google around :-).

(At beginning, we was not searching the error on ESET, we think it's Windows or EDGE itself... So this board was not our first point of view)

Thanks.

[Flipper69 0]

On 2/11/2023 at 5:21 PM, stackz said:

It's "Enable protected website redirection" that causes it.

I beg to differ; I disabled only the "Enhanced memory protection" option in B&PP and Edge is stable again. I do not use the "Secure all browsers" feature as I prefer to use a separate B&PP browser session for all banking and payment sites and another non-B&PP browser session for regular browsing.

[Marcos 5,071]

The issue should have gone after a module update at about 12:00 CET yesterday (Feb 13).

[Flipper69 0]

37 minutes ago, Marcos said:

The issue should have gone after a module update at about 12:00 CET yesterday (Feb 13).

Confirmed; latest Edge browser working normal with B&PP completely activated. 

[Peter Randziak 1,130]

23 hours ago, Maege said:

Does ESET have some newsletter or feed to subscribe to get informed about that type of issues?

We do not have such publicly available and this issue was a bit specific as it does not occur with the default settings of the latest released versions.

In case of a severe issue we usually post an KB alter on support.eset.com.

[Peter Randziak 1,130]

6 hours ago, Flipper69 said:

I do not use the "Secure all browsers" feature as I prefer to use a separate B&PP browser session for all banking and payment sites and another non-B&PP browser session for regular browsing.

secured (isolated) browser is a basic idea of the Banking and Payment protection. In the past, the „default“ was browsing in a standard i.e. unsecured browser. We changed this „default“ browser to secured, with the option to choose whether you want it to be the same as isolated browser (with essential extensions only), or with the extensions you like/want.

For most of the users, enabling Secure All browsers improves their security in much wider range of scenarios, than just banking and payment and it is able to improve the protection for much more customers than the previous solution that relied on the redirection.

For users who like the really isolated mode or „special browser mode“ (secured browser with custom profile directory and blocked all non-essentials extensions) is still accessible from desktop shortcut / start menu / product tile.

 This functionality will be preserved in the future.