Full Report
Microsoft has fixed a known issue causing its Family Safety parental control service to block Windows users from launching Google Chrome and other web browsers. [...]
Analysis Summary
# Vulnerability: Microsoft Family Safety Browser Launch Logic Error
## CVE Details
- **CVE ID:** Not Assigned (This is classified as a "Known Issue" / Logic Bug rather than a security vulnerability with a CVE identifier).
- **CVSS Score:** N/A
- **CWE:** CWE-694 (Use of Temporarily Overridden Control) / Logic Error
## Affected Systems
- **Products:** Microsoft Windows 10 and Windows 11
- **Versions:**
- Windows 11 22H2 and later
- Windows 11 24H2
- Windows 10 22H2
- **Configurations:** Systems with **Microsoft Family Safety** parental controls enabled, specifically using web filtering and app approval features.
## Vulnerability Description
The issue stems from a logic error within the Family Safety web filtering service. When a previously approved third-party browser (such as Google Chrome) updates to a new version, the service fails to recognize the updated executable as an approved application. Instead of allowing execution, the service treats the new version as unverified or blocked, causing the browser to either fail to launch or crash immediately upon opening. This is caused by a delay or failure in Microsoft's service-side "block list" and verification mechanism to synchronize with new software release hashes.
## Exploitation
- **Status:** Not exploited (This is a functional bug causing unintended Denial of Service for the user).
- **Complexity:** Low
- **Attack Vector:** Local (Triggered by standard application update processes).
## Impact
- **Confidentiality:** None
- **Integrity:** None
- **Availability:** Low/Medium (Prevents the use of specific third-party applications; impacts local system usability).
## Remediation
### Patches
- **Service-Side Fix:** Microsoft released a service-side resolution in early February 2026.
- **Action Required:** Users must connect the affected device to the internet to receive the backend update automatically. No manual patch installation is required.
### Workarounds
- **Activity Reporting:** Enable the "Activity reporting" feature in Microsoft Family Safety settings. This allows the system to correctly trigger "Ask a parent" prompts, enabling parents to manually re-approve the updated browser version.
- **Manual Approval:** Parents can manually allowlist the new browser version through the Family Safety dashboard after an attempted launch.
## Detection
- **Indicators of Compromise:** Not applicable (functional bug).
- **Detection Methods:**
- Google Chrome or other browsers crashing immediately upon launch.
- System event logs showing Family Safety or WpcMon.exe (Windows Parental Controls) intervention.
- Unexpected "Ask for permission" prompts for applications that were previously authorized.
## References
- **Microsoft Release Health Dashboard:** hxxps://learn[.]microsoft[.]com/en-us/windows/release-health/status-windows-11-22h2#350msgdesc
- **BleepingComputer Report:** hxxps://www[.]bleepingcomputer[.]com/news/microsoft/microsoft-fixes-bug-that-blocked-google-chrome-from-launching/
- **Microsoft Support Forum:** hxxps://answers[.]microsoft[.]com/en-us/windows/forum/windows_11-wintop_famsafety/microsoft-family-safety-blocking-chrome-browser/40023ef5-177b-4eed-a857-80ed15afa3a5