Potential Disruption to Microsoft in Chrome Beta Version 78

Potential Disruption to Your sign-in & sign-out in Microsoft. (In Chrome Beta Version 78)

Summary

The Beta release of the Google Chrome web browser (build 78, released on Sept 19th, 2019) has a few change in their features that you may not like. The core change is around how your information is handled through cookies.


The bad news is that this expected change can severely affect open standards—based applications and services. Note that these changes also can affect Microsoft cloud services and you need to protect your organization. The new behavior (in a Beta Release) in Google Chrome, can prevent users from being able to sign-in to services. And the worst part, it may cause your user session to remain active after users appear to sign-out.


Google is doing this to try and stop over-tracking that is going on the web.




Here is an Example: Every where that has a social media bar or like button... (Pinterest, Twitter, Instagram, etc) allows those companies to track you on the web through cookies.


Let's use the example of Facebook. When you click on a Facebook like button it sends a request to Facebook (using a cookie with info about you)... but the unfortunate part is they can still track you even if you are not signed into Facebook at that time.


The problem is it's hard for Google to tell the difference between a Facebook like button and a Facebook log-in button.


In stopping the cookie tracking they have broken some of the log-in to a website functionality. (We understand wanting to block the like button but not the log-in button.) With this change Microsoft is reporting that Azure is having trouble with Google Chrome web browser (build 78). Even though Microsoft does not have a like button and only a log-in button — Chrome is treating it as so... and it is being blocked.


THE SCARIEST PART - you could click the log-out button and it's possible you are not logged out.


Action by Microsoft:

Customers are advised to avoid using the Beta version of the Chrome browser to access Microsoft services until further notice. Microsoft is working to address this situation before these changes are included in the generally available version of Chrome.


Additionally, we understand that Google is planning to provide enterprises the ability to override these changes. However, Google has not shared with Microsoft any further details about these overrides or the dates on which the overrides might become available.


If you don't set Chrome Beta to be your default browser you should be all right. (Stable Release) If you have to use the Beta - (be aware) it is probably broken. The hope is Google will fix this at some point...


User impact:

During testing of this change in Microsoft services, we found the following scenarios to be severely degraded:

  • Signing in to important sites such as the Azure portal fails and generates an error.

  • Signing in to Microsoft Power BI enters a loop and eventually generates an error.

  • Sign-out messages from certain sites indicate a successful sign-out. However, the cookie clearing process fails, and this keeps the user signed in. 

  • Signing in and signing out fails on many customer-developed websites that use some versions of Microsoft .NET Framework and .NET Core to process authentication tokens. 

  • Customer-developed applications that do silent token refreshing in MSAL or ADAL against Azure Active Directory (Azure AD), Microsoft Account, or Active Directory Federation Services (AD FS) fail to sign in. 

Recommendation:

It is strongly recommend that customers use the stable release of the Chrome browser. Avoid using the Beta release in any production environments when you are accessing Microsoft services. 


If you are a developer and need the Beta release for website testing, we recommend that they use a different browser to access Microsoft services.

60 views

800.439.6456 - info@journeyteam.com

CORPORATE OFFICE UTAH

121 W Election Rd #300

Draper, UT 84020

VAR_Star_logo White.png

VAR STARS
2019 WINNER

  • White LinkedIn Icon
  • White Instagram Icon
  • White Facebook Icon
  • White YouTube Icon
  • White Twitter Icon

Microsoft Dynamics 365, SharePoint, Cloud, ERP, Field Service, Finance and Operations, CRM and Marketing Consultant in Utah and Tennessee. Microsoft Gold Partner and Okta top 20 World-Wide Partner. © 2020 JourneyTEAM. All Rights Reserved. Privacy Policy Terms and Conditions