macOS missing tab title and URL for Google Chrome events
Overview
Google Chrome's update to version 99.0.4844.74 on March 15, 2022 included changes to their signing certificate. On macOS devices, this change caused the Code42 agent to lose the permissions required to capture source and destination details for file activity in Google Chrome.
As a result, the Active tab titles and URLs field may display the message Unavailable - Permissions not set. This also affects Incydr's ability to evaluate trusted activity, calculate risk scores, and apply source/destination categories for these events.
This article describes the steps required to update your macOS configuration profile via your mobile device management (MDM) tool to resume capturing Tab title and URL metadata on macOS devices.
Affects
macOS devices:
- With Google Chrome version 99.0.4844.74 and later
- In Incydr environments that have Browser and other application activity exfiltration detection enabled
Recommended solution
- From your MDM (for example, Jamf Pro), navigate to the Code42 configuration profile. (If you do not already have a Code42 configuration profile, follow these steps to create and deploy a profile.)
- In the Privacy Preferences Policy Control (PPPC) payload, find the Receiver Identifier for com.google.Chrome.
- Locate the existing Receiver Code Requirement:
(identifier "com.google.Chrome" or identifier "com.google.Chrome.beta" or identifier "com.google.Chrome.dev" or identifier "com.google.Chrome.canary") and certificate leaf = H"c9a99324ca3fcb23dbcc36bd5fd4f9753305130a"
- Replace the existing Receiver Code Requirement string with:
(identifier "com.google.Chrome" or identifier "com.google.Chrome.beta" or identifier "com.google.Chrome.dev" or identifier "com.google.Chrome.canary") and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EQHXZ8M8AV
Make sure you edit the Receiver Code Requirement value, not the "Code Requirement" field that appears elsewhere.
The new Receiver Code Requirement string also continues to grant the required permissions to older versions of Google Chrome.
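For profiles maintained as files rather than edited in the MDM console, the same replacement can be scripted. The following is an added example, not Code42's own tooling: it assumes an unsigned, exported .mobileconfig in which the Receiver fields appear under Apple's PPPC keys AEReceiverIdentifier and AEReceiverCodeRequirement, and the sender identifier in the sample profile is a constructed placeholder.

```python
import plistlib

TCC_TYPE = "com.apple.TCC.configuration-profile-policy"  # PPPC payload type
CHROME_ID = "com.google.Chrome"
IDS = ('(identifier "com.google.Chrome" or identifier "com.google.Chrome.beta" '
       'or identifier "com.google.Chrome.dev" or identifier "com.google.Chrome.canary")')
# Requirement strings below are copied from the article.
OLD_PIN = 'certificate leaf = H"c9a99324ca3fcb23dbcc36bd5fd4f9753305130a"'
OLD_REQ = IDS + " and " + OLD_PIN
NEW_REQ = IDS + (' and anchor apple generic'
                 ' and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */'
                 ' and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */'
                 ' and certificate leaf[subject.OU] = EQHXZ8M8AV')

def update_chrome_receiver(profile_bytes):
    """Replace the leaf-hash-pinned Chrome receiver requirement.

    Returns (updated_profile_bytes, rules_changed). Only the receiver
    requirement is edited; the sender's CodeRequirement is left untouched.
    """
    profile = plistlib.loads(profile_bytes)
    changed = 0
    for payload in profile.get("PayloadContent", []):
        if payload.get("PayloadType") != TCC_TYPE:
            continue
        for rule in payload.get("Services", {}).get("AppleEvents", []):
            if (rule.get("AEReceiverIdentifier") == CHROME_ID
                    and OLD_PIN in rule.get("AEReceiverCodeRequirement", "")):
                rule["AEReceiverCodeRequirement"] = NEW_REQ
                changed += 1
    return plistlib.dumps(profile), changed

# Constructed sample profile. The sender identifier and its requirement are
# placeholders, not the Code42 agent's real values.
SAMPLE_PROFILE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadContent": [{
        "PayloadType": TCC_TYPE,
        "Services": {"AppleEvents": [{
            "Identifier": "com.example.agent",
            "IdentifierType": "bundleID",
            "CodeRequirement": 'identifier "com.example.agent"',
            "AEReceiverIdentifier": CHROME_ID,
            "AEReceiverIdentifierType": "bundleID",
            "AEReceiverCodeRequirement": OLD_REQ,
            "Allowed": True,
        }]},
    }],
})
```

A result of zero changed rules on a profile that should cover Chrome means the receiver entry is missing or has already been updated, which is worth confirming before redeploying.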
External resources
- Google: Chrome releases