Edge Chromium 89 issues: DLP failure to detect folder uploads and Unknown URLs for drag and drop
17695
17 May 2021
16 March 2021
UPDATE MAY 17, 2021: A hotfix is available for DLP 15.7 MP2 that addresses these issues (for Chrome 89 and later). See this advisory for details. A fix for these issues is being developed for DLP 15.8. A fix for these issues will not be available for DLP 15.5.
Update March 30, 2021: The initial version of this Advisory provided the workaround of restarting the DLP Agent from the Enforce Server administration console. However, upon further testing, a more robust workaround has been identified, as indicated below. The workaround provided in this update should be used.
ISSUES: When using a recent build of Microsoft Edge Chromium version 89, when a user uploads a folder with sensitive data, Data Loss Prevention is unable to detect the folder upload. Additionally, when drag-and-drop functionality is used, Unknown URLs are indicated in incident reports.
These issues occur when Edge is updated to version 89.0.774.54. The issues do not occur with the initial build of Edge 89, version 89.0.774.48.
The issue applies to all Data Loss Prevention versions that support Edge.
WORKAROUND: To address the described issues, disable the startup boost feature of Edge Chromium. You can disable the feature by modifying the Registry through endpoint management tools (such as Microsoft SCCM software); or by using Active Directory GPO policies.
The following links to articles provide details about how to disable the startup boost feature: