Users cannot open Chrome - Error: 'ROP' exploit prevented in Google Chrome

Hi,

Does it help to go into:

https://cloud.sophos.com/manage/config/settings/exploit-mitigation-exclusions

and add an exclusion for Chrome?

I would also ensure that the computers have been restarted as, this component gets updated on restart.

Hope it helps.

Regards,

Jak

I really don't want to have to turn off exploit prevention in chrome for our users. I have confirmed it is trusteer endpoint causing the problem in the case of one of our customers, as disabling trusteer clears the error. Is there no way to exclude trusteer itself from exploit prevention?

I also had this issue with several users and at first thought it was the Trusteer Rapport chrome extension.  I found googledocs modules in Chrome extensions to be the cause.  Once disabled, no more ROP errors.  I'm now checking Sophos community for resolution in case other users run into this.

Hope this helps!

I've started seeing this appearing now. I have disabled the Google Docs ext in Chrome so it will be interesting if this comes up again after

I've started seeing this appearing now. I have disabled the Google Docs ext in Chrome so it will be interesting if this comes up again after

Hi mmacwan,

It could be a false positive if the extension is a known legitimate app. If you face the issue again, please refer How to report false positives. If it is confirmed as False positive we will have the required signature changes done from our end else it would be worth investigating with our support.