What the error looks like
The STATUS_INVALID_IMAGE_HASH error appears as an "Aw, Snap!" crash page inside Google Chrome, replacing any page you try to load. The error code text appears at the bottom of the crash screen. In some setups every tab crashes at once. In others the crash is intermittent, triggered by specific sites or after a browser or Windows update.
What actually causes this error
Google introduced the RendererCodeIntegrity feature in Chrome 78 (released in 2018). It instructs Windows to refuse loading any DLL into Chrome's renderer processes unless that DLL is signed by Microsoft. This is a genuine security measure: third-party code injected into the renderer is one of the leading sources of browser crashes, performance problems, and malware.
The error appears when a piece of software on your system tries to inject a DLL into Chrome's renderer and gets blocked. The renderer process then crashes, and Chrome shows the "Aw, Snap!" page instead of the website you wanted.
The most common culprits confirmed across public bug reports and vendor knowledge base articles include:
- Symantec Endpoint Protection (sysfer.dll): versions before 14.2 RU2 MP1 are confirmed incompatible (Broadcom Knowledge Base, article 175842)
- Cylance antivirus and CyMemDef64.dll triggers the error on affected builds
- Other third-party antivirus software: Kaspersky, McAfee, Avast, and Quick Heal have all been reported in user forums as causes in specific versions
- VPN clients that perform deep packet inspection using DLL injection
- Screen recording or remote desktop tools that hook into rendering processes
- Citrix Workspace and similar enterprise virtualization software
- DNS hijacking malware, as noted in Chrome community reports, can also produce this exact error signature
chrome://settings/cleanup or Windows Defender.
Quick triage: find your cause before you fix
Chrome has a built-in conflicts page that lists every third-party module loaded into its processes. Checking this takes 20 seconds and tells you exactly which software is responsible.
- 1Type
chrome://conflictsin the address bar and press Enter. - 2Look for any module marked R (renderer process) that is not signed by Microsoft.
- 3The module name identifies the software causing the conflict. Update or remove that software first.
8 fixes ranked by effectiveness
Work through these in order. Most users resolve the error at Fix 1, 2, or 3. The later fixes apply to specific scenarios.
Disable RendererCodeIntegrity via the Windows Registry
Registry edit via Command Prompt • Works on Chrome and Edge
This is the most reliable fix for the majority of users. It adds a Group Policy key that instructs Chrome to stop enforcing the Microsoft-signature requirement for DLLs loaded into renderer processes. The change is permanent until reversed.
Step 1. Close all Chrome windows. Open Task Manager (Ctrl+Shift+Esc) and confirm no chrome.exe processes are still running.
Step 2. Press the Windows key, type cmd, right-click Command Prompt, and select Run as administrator. Click Yes on the UAC prompt.
Step 3. Paste the following command and press Enter:
The operation completed successfully.
Step 4. Launch Chrome and test. If the error is gone, the DLL injection from a third-party process was the confirmed cause.
For Microsoft Edge, run this command instead:
To undo this change later (after updating or removing the conflicting software), run:
Update or remove the conflicting third-party software
The clean fix • Resolves the root cause without weakening Chrome's security
If chrome://conflicts identified the culprit software, updating it to a version that no longer injects unsigned DLLs into Chrome's renderer is the correct long-term solution.
Verified software versions that resolve the conflict:
- Symantec Endpoint Protection: Update to version 14.2 RU2 MP1 (build 14.2.5569.2100) or later. Broadcom confirmed the fix in their Knowledge Base article 175842.
- Kaspersky, McAfee, Avast: Apply any pending updates. These vendors released compatibility patches for Chrome's RendererCodeIntegrity in 2019 and 2020. Older installations may still carry the incompatible DLL version.
- Citrix Workspace: Add an exclusion for chrome.exe and msedge.exe in Citrix's hook configuration rather than updating, following Citrix's own guidance for per-application API hook exclusions.
If updating is not possible, applying Fix 1 as a temporary measure while you schedule the update is an acceptable intermediate step for corporate environments.
Disable RendererCodeIntegrity via Chrome shortcut flags
No registry edit needed • Effect applies only when launching through this shortcut
This method passes a command-line flag to Chrome at launch. The flag disables code integrity checking for that session only. It does not affect any other Chrome shortcut or system-level policy.
- 1Right-click your Chrome desktop shortcut and select Properties.
- 2Click the Shortcut tab. Locate the Target field. It will contain something like
"C:\Program Files\Google\Chrome\Application\chrome.exe". - 3Click at the end of the Target field value, add a space, then paste:
--disable-features=RendererCodeIntegrity - 4Click Apply, then Continue on the elevation prompt, then OK.
- 5Always launch Chrome using this shortcut. The flag is not active when Chrome opens through other means.
Update Google Chrome to the latest version
Essential baseline check • Should always be done first
Outdated Chrome versions can produce this error after a Windows update changes system DLL signing requirements. Chrome also periodically releases patches that improve compatibility with third-party software. Before applying more complex fixes, verify Chrome is fully up to date.
- 1Open Chrome and type
chrome://settings/helpin the address bar. - 2Chrome will automatically check for and download any pending updates.
- 3Click Relaunch once the update downloads to apply it.
- 4Test whether the error persists after relaunch.
Disable or isolate Chrome extensions
Identifies rogue extensions • Useful when the error affects specific users or profiles
Poorly coded or outdated Chrome extensions can interfere with the renderer process. Extensions that perform network interception, ad injection, or screen capture are particularly likely candidates.
- 1Open a new Chrome window in Incognito mode (Ctrl+Shift+N). Extensions are disabled in incognito by default.
- 2If the error does not occur in incognito, an extension is the cause.
- 3Go to
chrome://extensionsand disable all extensions using the toggle next to each one. - 4Re-enable extensions one at a time, testing Chrome after each, until the error reappears. The last extension you enabled is the cause.
Run Chrome in Windows compatibility mode
Bypasses version-specific process mitigations • Works on some Windows configurations
Running Chrome in compatibility mode for an earlier version of Windows can bypass the specific process mitigation that triggers the code integrity check. This method works on some systems and has no effect on others: it depends on your Windows version and build.
- 1Right-click the Chrome desktop shortcut or the chrome.exe file and select Properties.
- 2Click the Compatibility tab.
- 3Check Run this program in compatibility mode for and select Windows 8 from the dropdown.
- 4Click Change settings for all users to apply to all Windows accounts, then click Apply and OK.
Rename the Chrome executable file
Resets file identity check • Resolves corrupted executable name matching
Some security software and system tools perform integrity checks tied to the exact filename of the Chrome executable. Renaming the file resets this association and has resolved the error for a significant number of users, though the mechanism is not officially documented by Google.
- 1Close all Chrome windows completely. End all chrome.exe processes in Task Manager.
- 2Open File Explorer and navigate to
C:\Program Files\Google\Chrome\Application. - 3Find
chrome.exe. Press F2 to rename it. Change the name to anything other than chrome.exe, for examplechromebrowser.exe. - 4Click Continue on the administrator permission prompt.
- 5Launch Chrome using its desktop shortcut. If the shortcut no longer works, right-click it, choose Properties, and update the Target path to the new filename.
Reinstall Chrome completely
Nuclear option • Resolves corrupted installation files
If none of the above fixes work and chrome://conflicts shows no third-party conflicts, Chrome's installation files may be corrupted. A clean reinstall replaces all executable and configuration files.
- 1Open Windows Settings, go to Apps, find Google Chrome, and click Uninstall.
- 2After uninstalling, manually delete the remaining folders:
C:\Program Files\Google\ChromeandC:\Users\[username]\AppData\Local\Google\Chrome. - 3Restart your computer.
- 4Download a fresh Chrome installer from google.com/chrome and run it.
Fix summary at a glance
| # | Fix | Difficulty | Permanent? | Best for |
|---|---|---|---|---|
| 1 | Registry key (RendererCodeIntegrity = 0) | Easy | Yes | Most users, enterprise antivirus conflicts |
| 2 | Update or remove conflicting software | Medium | Yes | Known software conflicts (Symantec, Cylance) |
| 3 | Shortcut flag (--disable-features) | Easy | Partial | Users who launch Chrome via shortcut only |
| 4 | Update Chrome | Easy | Yes | Outdated Chrome on updated Windows |
| 5 | Disable extensions | Easy | Yes | Single user/profile affected |
| 6 | Compatibility mode (Windows 8) | Easy | Yes | Windows version-related conflicts |
| 7 | Rename chrome.exe | Easy | Partial | Filename-based security tool conflicts |
| 8 | Full reinstall | Medium | Yes | Corrupted Chrome installation |
Frequently asked questions
Yes. Microsoft Edge is built on the same Chromium engine as Chrome. It introduced the RendererCodeIntegrity mitigation in Edge 13 in 2015, earlier than Chrome. Edge users see the same error with the message "This page is having a problem" instead of "Aw, Snap!"
All fixes in this guide work for Edge with one change: replace HKLM\Software\Policies\Google\Chrome with HKLM\Software\Policies\Microsoft\Edge in registry commands, and rename msedge.exe instead of chrome.exe for Fix 7.
Technically yes, though the practical risk is limited in most home and office environments. RendererCodeIntegrity prevents unsigned DLLs from injecting into Chrome's renderer processes. Disabling it allows all DLLs to inject, including theoretically malicious ones.
In practice, malware that reaches your system to inject DLLs has already bypassed your perimeter defenses. The registry fix resolves an incompatibility problem rather than disabling a primary layer of protection. That said, if you can resolve the conflict by updating the offending software (Fix 2), that is always the preferable approach.
Chrome updates and major Windows updates can change the version or signing requirements of system DLLs. When this happens, a DLL that was previously tolerated by Chrome's code integrity check may start failing the verification on the new build.
Windows feature updates (such as those moving from one Windows 11 version to another) are a common trigger. Chrome major version updates occasionally tighten the enforcement policy as well. If the error appeared immediately after an update, the update changed something that Chrome's renderer is now rejecting.
Three things to check. First, confirm that no chrome.exe processes are still running in the background before testing. Open Task Manager and end all Chrome processes, then relaunch from scratch.
Second, check that the registry key was created under the correct path. Open Registry Editor (regedit), navigate to HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome, and confirm that a value named RendererCodeIntegrityEnabled of type DWORD exists with the value set to 0.
Third, if the crash is still occurring, the cause may not be RendererCodeIntegrity at all. An error code of STATUS_INVALID_IMAGE_HASH from a different origin would not respond to this registry fix. Run chrome://conflicts again and check whether a module appears that you had not noticed previously.
Yes. The error comes from the interaction between Chrome and other software on your system, not from Chrome or its extensions alone. A freshly installed Chrome with no extensions will still produce this error if an antivirus, VPN, or other system-level tool is injecting unsigned DLLs into the renderer.
Check chrome://conflicts after a fresh install. If a conflicting module appears there, the error will continue regardless of whether extensions are installed.
No. The STATUS_INVALID_IMAGE_HASH error is specific to Windows. The RendererCodeIntegrity feature uses a Windows-only process mitigation policy that instructs the Windows OS loader to reject unsigned binaries. macOS and Linux handle process isolation differently and do not have this same mechanism.
If you are seeing browser crashes on Mac, the error code will be different and the troubleshooting steps will not apply.
Open Command Prompt as administrator and run:
REG DELETE "HKLM\Software\Policies\Google\Chrome" /v RendererCodeIntegrityEnabled /f
This removes the policy value and restores Chrome's default behavior of enforcing the Microsoft signature requirement on DLLs. After running the command, restart Chrome. If the original cause (the conflicting software) has been updated or removed, Chrome should now work correctly with code integrity re-enabled.
The crash is triggered when Chrome creates or resumes a renderer process, which happens when loading a new tab or navigating to a new site. Whether the crash happens depends on when the conflicting software attempts its DLL injection into Chrome's renderer.
Some antivirus and security tools perform injection checks when they scan page content, and the timing of this check can vary by page type or URL pattern. Sites that load more quickly may trigger the crash more consistently because Chrome spins up the renderer faster. The underlying cause is the same regardless of which site triggers it.
Conclusion
The STATUS_INVALID_IMAGE_HASH error has one root cause: Chrome's renderer process is rejecting a DLL that some other software on your system is trying to inject. The fix is either to identify and update the conflicting software (Fix 2) or to disable Chrome's enforcement of the check (Fix 1) while you address the conflict at the source.
Start with chrome://conflicts to identify the culprit. Apply the registry fix as a fast resolution. Then contact the vendor of the conflicting software to apply the update that removes the need for the registry workaround permanently.
If none of the targeted fixes work and chrome://conflicts shows nothing unusual, run a full malware scan before proceeding to a reinstall. A small percentage of these errors are caused by DNS hijacking malware that produces the same error signature as legitimate software conflicts.
Looking for trusted SSL certificates?
Compare DV, OV, and EV certificates from leading certificate authorities: with pricing, warranty, and validation speed side by side.
Compare SSL Certificates at comparecheapssl.com
