We'd love to hear about it! Click here to go to the product suggestion community
I am a new Sophos user and appreciate any help with this that you may be able to offer. When starting up Chrome we get the following message:
"An attempt to exploit an application vulnerability was prevented"
I don't know it this is something legit with Chrome that Sophos is detecting as a possible malicious attempt, or if it is an exploit. If it is malware, how do I remove it from the cpu, as the software scanning is not taking care of it?
Here are the details that are listed with the "intercepted attack" prompt:
Platform 10.0.17763/x64 v508 06_9e
Application C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Description Google Chrome 75
Value Name GoogleChromeAutoLaunch_4E6299B33FA0592A57BB7C6E94F010D2
Value "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
1 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
2 C:\Windows\explorer.exe 
3 C:\Windows\System32\userinit.exe 
4 C:\Windows\System32\winlogon.exe 
5 C:\Windows\System32\smss.exe 
\SystemRoot\System32\smss.exe 000000fc 00000084 C:\WINDOWS\System32\WinLogon.exe -SpecialSession
Data based thumbprint
Thanks again for any help!
It doesn't look concerning. It appears that Chrome is setting a registry key to ensure it starts automatically as you logon.
This is the information most relevant:
This page: https://bugs.chromium.org/p/chromium/issues/detail?id=436504 kind of details the purpose of the key and that it's somehow related to the option of contuining where you left off.You can ignore this event or whitelist it in Sophos Central if that's the management platform you are using. Are you using the business product or the free Home versionRegards,
In reply to jak:
Thank you for your reply and help with this Jak!