Edge crashes when SRP are enabled with DLL enforcement since Windows 1703

Fixed Issue #13758012

Details

Author
Manuel M.
Created
Sep 14, 2017
Privacy
This issue is public.
Found in
  • Microsoft Edge
Found in build #
40.15063
Fixed in build #
17.17084
Reports
Reported by 16 people

Sign in to watch or report this issue.

Steps to reproduce

Steps to reproduce the issue:

  1. Install Windows 10 Creators Update, Version 1703.
  2. Open Local Security Settings. (secpol.msc)
  3. In the console tree, click Software Restriction Policies.
  4. On the Action menu, click New Software Restriction Policies.
  5. In the details pane, double-click Enforcement.
  6. Under Apply software restriction policies to the following, click All software files.
  7. Click OK.
  8. Now launch Edge. It will open, display a blank page for a couple of seconds (you can’t navigate anywhere) and then crash.

Notes:

  • This issue does not occur in any previous version of Windows before 1703.
  • As described above, the issue also occurs if no restricting policies are defined. Simply enabled DLL enforcement causes the error to happen.
  • Without DLL enforcement, Edge works. (Obviously not a viable workaround for the more security-minded.)

Error logged:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Application Error" />
    <EventID Qualifiers="0">1000</EventID>
    <Level>2</Level>
    <Task>100</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2017-09-14T17:51:05.226440400Z" />
    <EventRecordID>6580</EventRecordID>
    <Channel>Application</Channel>
    <Computer>BUERO-3.aufbauwerk.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>MicrosoftEdge.exe</Data>
    <Data>11.0.15063.608</Data>
    <Data>59ae2559</Data>
    <Data>EMODEL.dll</Data>
    <Data>11.0.15063.608</Data>
    <Data>39d85e28</Data>
    <Data>c0000409</Data>
    <Data>00000000000eb8ec</Data>
    <Data>1ee0</Data>
    <Data>01d32d820068ddae</Data>
    <Data>C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe</Data>
    <Data>C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EMODEL.dll</Data>
    <Data>9f317926-51cb-494b-8498-9a43cef8b572</Data>
    <Data>Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe</Data>
    <Data>MicrosoftEdge</Data>
  </EventData>
</Event>

Attachments

0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “James M.”

      Changed Assigned To to “wprpprtri@microsoft.com”

    • Quick follow-up: The issue also occurs in Windows 1709.
      Is there any news on this, as I’m holding off deploying/updating Creators Update to/on the clients for the time being but won’t be able to do so indefinitely (and therefore might be forced to look for another browser). :/

    • Having a Windows computer running w/o Application Whitelisting such as SRP is not an option for me. Disabling DLL enforcement is not an option as well. Microsoft, please pay attention to this issue. And yes, your OneDrive that launches from user AppData folder is soo bad! You better listen to Aaron Margosis, and remove executables from AppData.

    • Microsoft Edge Team

      Changed Assigned To from “wprpprtri@microsoft.com” to “Zach M.”

      Changed Status to “Confirmed”

      Changed Assigned To from “Zach M.” to “Sermet I.”

      Changed Assigned To from “Sermet I.” to “Dylan D.”

      Changed Status from “Confirmed” to “Fixed”

    • This is marked as Fixed. Can someone please explain how is this fixed? Its Not Fixed yet!

    • Where when can I download this fix?
      Will this fix also availabe for Windows 10 1703?

    • Hello,

      Thank you for providing this information about the issue. We are pleased to report this feature is fixed in Edge and available in the upcoming Insider Preview build 17054.

      Best Wishes,
      The MS Edge Team

    • Thanks for this Information.
      Will this fix ported back to 1709, 1703?
      We don’t upgrade all our Windows 10 Clients until this fix is officialy released.

    • Dear Support
      I Download an install Windows 10 Build 17063 in a VM.
      With my Tests the Problems with SPR are still there.
      So the fix does not work!!!

      Please fix this asap.

    • When I run Edge with SRP I get the following Event:
      Protokollname: Application
      Quelle: Application Error
      Datum: 04.01.2018 13:58:44
      Ereignis-ID: 1000
      Aufgabenkategorie:(100)
      Ebene: Fehler
      Schlüsselwörter:Klassisch
      Benutzer: Nicht zutreffend
      Computer: DESKTOP-1643MBI
      Beschreibung:
      Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.17063.1000, Zeitstempel: 0x5a31eb8f
      Name des fehlerhaften Moduls: EMODEL.dll, Version: 11.0.17063.1000, Zeitstempel: 0x5a31ec16
      Ausnahmecode: 0xc0000409
      Fehleroffset: 0x0022e6f8
      ID des fehlerhaften Prozesses: 0x16b0
      Startzeit der fehlerhaften Anwendung: 0x01d3855bb8e07768
      Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      Pfad des fehlerhaften Moduls: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EMODEL.dll
      Berichtskennung: 556c5e05-9f4d-4c92-9006-cb412874ed61
      Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_42.17063.1000.0_neutral__8wekyb3d8bbwe
      Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
      Ereignis-XML:

    • This issue has just become critical, since Windows 1607 now ignores the group policy setting to delay the upgrade to Creators Update any longer, and there is still no backport of this fix (if there really is one, as Reto pointed out).
      Dear Microsoft, I truly cannot understand why this issue - of which I’m quite sure is affecting many corporate users - is treated so unimportantly. Do you want admins that still see value in Edge and the effort that was put into it to switch to a different browser? Well, at least I know a couple of hundred users that won’t surf with Edge anymore, not because they don’t like the browser, but because they can’t thank’s to your actions, or rather the lack thereof.

    • Hoping for a fix soon, thank you.

    • This should help:
      reg add “HKCU\Software\Microsoft\Internet Explorer\Spartan” /v RAC_LaunchFlags /t REG_DWORD /d 1 /f

    • @Signor P
      Thank you very much.
      I test your workaround on different computer and it works with software restriction policies (for exe and dll).
      But I didn’t know what exactly this modification does.
      Is there any official documentation from Microsoft?

    • Microsoft promise that this is fixed in
      April 17, 2018—KB4093117 (OS Build 15063.1058)

      Addresses an issue that causes Microsoft Edge to stop working after a few seconds when running a software restriction policy.

    • Hello All:

      @Signor P We must highly discourage any usage of the RAC_LaunchFlags registry value you mentioned; however, we always appreciate your eagerness to help.

      ATTENTION! Please do NOT use the below registry value to stop Edge from crashing on startup:

       
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Spartan]
      "RAC_LaunchFlags"=dword:00000001
       
      This registry value is not documented and should NOT be used under any circumstances, either as a troubleshooting step or a solution. RAC_LaunchFlags with a value of one basically disallow launching child (content) processes which is exactly what causes Edge to crash in the first place.

      Best Wishes,
      The MS Edge Team

    • Hello All:

      Thank you @Retro F. We have released a fix for RS2 (Edge 15063) which you can see here: https://support.microsoft.com/en-us/help/4093117

      Releasing this fix in RS3 (Edge 16299) is our top priority.

      Best Wishes,
      The MS Edge Team

    • Microsoft release kb4093105 to fix this Problem with Windows 10 1709 (RS3, Edge 16299)
      https://support.microsoft.com/en-us/help/4093105

    • In 1803 Enterprise version E5, exactly the same thing happens to the Edge when I configure ASR Advanced Ransomware and Application Control with ISG in Audit Mode via Intune. If I use the unsupported registry key Edge works again. Is the SRP DLL Enforcement bug fixed in 1803? Do the above functions also activate DLL enforcement of the SRP?
      How do I get the Edge running again without the registry key? So far I have found no other way but to reset the operating system.

    • Hi - we are having the same problem on Windows 10 1709 Enterprise with devices that have SRP applied.

      This issue only occurs on new build devices that have the April (the one with the fix) or May 2018 cumulative update applied.

      Only way to resolve currently is to apply the unsupported registry fix in the HKCU or HKLM or disable SRP (which is not an option)

      [\Software\Microsoft\Internet Explorer\Spartan]
      "RAC_LaunchFlags"=dword:00000001

      We are building 2500 devices over the next 3 weeks, can you tell me the ETA for the fix for this issue. I can see Thorsten’s post states that this occurs on 1803 as does the following issue statement https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/17343551/

    • With Windows 1803 Microsoft remove the support for SRP.

      https://docs.microsoft.com/en-us/windows/deployment/planning/windows-10-1803-removed-features

      So there will be no help in the future

    • Postmaster C,

      SRP is entering depreciation but Windows Defender Application Control (including Audit, and Microsoft managed whitelisting of known safe apps) is NOT depreciation and seems to trigger the same bug…

      So SRP migrates into -> Windows Defender Application Control
      https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control

    • My 1703 and 1709 Windows 10 computers are still suffering this bug after the April and May Rollups were installed. Is there any more info on this? And if the patches were released in those rollups what’s up with the status of this bug? Fixed Not Flighted? Not sure how to take that.

    • We are using AppLocker and have just started to see they same issues on both Windows 10 1709 and 1803.
      Setting the regkey seems to solve the issue on the affected PC, but not all PCs are affected.

    • We are using only AAD / Intune with Endpoint protection configuration profiles, and are seeing this Edge crash problem on currently latest Windows 10 - build 1803, 17134.137

      I do not want to deploy regkey to computers due to not supported by Microsoft.

      What is correct resolution of this issue / how to enable Edge working again, while AppLocker is on?

    You need to sign in to your Microsoft account to add a comment.

    Sign in