Chrome detection fails with Network Service Sandbox Enabled
search cancel

Chrome detection fails with Network Service Sandbox Enabled


Article ID: 233747


Updated On:


Data Loss Prevention Data Loss Prevention Endpoint Prevent


After installing Google Chrome 100 or manually enabling the NetworkServiceSandboxEnabled policy for Chrome, file uploads are no longer detected.


This issue only affects the DLP 15.8 and later agent, a Hotfix has now been released for the DLP 15.7 MP2 agent.



"As early as Chrome 100, to improve security and reliability, the network service, already running in its own process, will be sandboxed on Windows. As part of this, third-party code that is currently able to tamper with the network service may be prevented from doing so. This might cause interoperability issues with software that injects code into Chrome's process space, such as Data Loss Prevention software."
See the following google support article for more information:

In this case the feature is available as early as Chrome 96 but must be manually enabled via GPO. 



Hotfix version 15.8.00201.01003 allows the network sandbox feature to remain enabled while not missing out on detections.   DLP 15.7 MP3 has been tested and works fine so no action needs to be taken.


If you are unable to install the hotfix at this time, the sandbox feature can be manually disabled by GPO. This will prevent the feature, once in an official Chrome release, from being enabled and thus breaking detection. 

Create the following new registry DWORD value





Set the data to '0'

Relaunch Chrome. 



Additional Information

See the following beta materials from Google: