Skip to main content

Who is this article for?

Incydr Professional, Enterprise, Horizon, and Gov F2
Incydr Basic, Advanced, and Gov F1

Find your product plan in the Code42 console on the Account menu.

Instructor, no.

Incydr Professional, Enterprise, Horizon, and Gov F2, yes.

Incydr Basic, Advanced, and Gov F1, yes.

HOME
GETTING STARTED
RELEASE NOTES
FAQs
APIs
SYSTEM STATUS
Code42 Support

macOS missing tab title and URL for Google Chrome events

Overview

Google Chrome's update to version 99.0.4844.74 on March 15, 2022 included changes to their signing certificate. On macOS devices, this change caused the Code42 app to lose the permissions required to capture source and destination details for file activity in Google Chrome.

As a result, the Active tab titles and URLs field may display the message Unavailable - Permissions not set. This also affects Incydr's ability to evaluate trusted activity, calculate risk scores, and apply source/destination categories for these events.

This article describes the steps required to update your macOS configuration profile via your mobile device management (MDM) tool to resume capturing Tab title and URL metadata on macOS devices.

Affects

macOS devices:

  • With Google Chrome version 99.0.4844.74 and later
  • In Incydr environments that have Browser and other application activity exfiltration detection enabled

Recommended solution

  1. From your MDM (for example, Jamf Pro), navigate to the Code42 configuration profile.
    (If you do not already have a Code42 configuration profile, follow these steps to create and deploy a profile).
  2. In the Privacy Preferences Policy Control (PPPC) payload, find the Receiver Identifier for com.google.Chrome.
  3. Locate the existing Receiver Code Requirement:
(identifier "com.google.Chrome" or identifier "com.google.Chrome.beta" or identifier "com.google.Chrome.dev" or identifier "com.google.Chrome.canary") and certificate leaf = H"c9a99324ca3fcb23dbcc36bd5fd4f9753305130a"
  1. Replace the existing Receiver Code Requirement string with:
Copied!
(identifier "com.google.Chrome" or identifier "com.google.Chrome.beta" or identifier "com.google.Chrome.dev" or identifier "com.google.Chrome.canary") and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EQHXZ8M8AV

Make sure you edit the Receiver Code Requirement value, not the "Code Requirement" field that appears elsewhere.

The new Receiver Code Requirement string continues to also grant the required permissions to older versions of Google Chrome.

External resources

Related topics

  • Was this article helpful?