How to: Secure Chrome against Logjam

Update: Chrome 45 was released on 9/1/15 with a fix for the “logjam” vulnerability.  Use Chrome 45 or newer

Disable the following cipher suites

  • (0xcc15) TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  • (0xcc9e) TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • (0x0039) TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  • (0x0033) TLS_DHE_RSA_WITH_AES_128_CBC_SHA

Until the Chrome 45 update, the easiest by far is to

Step 1:
Modify an existing (or create) a shortcut to Chrome.  Right click on the shortcut and select Properties

Step 2:
Add the following to the application Target:

It should look like this:
(Note: Target field is long and is split into two screenshots)



Step 3:
Click Apply or OK to save

Step 4:
Close all Chrome browser windows

Step 5:
Use the shortcut you just modified to re-open Chrome and verify these cipher suites have been disabled



(h/t) @eckes on twitter:



The fix is “on track to be included in Chrome 45”



I zipped the Logjam safe shortcut from this tutorial.

If you used the standard installer your application path is %UserProfile%\AppData\Local\Google\Chrome\Application\chrome.exe

Download “Windows Default 32-bit Chrome (Logjam Safe) Shortcut” – Downloaded 135 times – 1 KB

Google Chrome (Logjam Safe).lnk

  • MD5: 32D2342D138B66A3F458D66842038CA5
  • SHA1: CAB26DCFEF880D5D7422633A2732770CB6B0BB17

If you used the “offline installer” Chrome installs to “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”

Download “"Program Files (x86)" 32-bit Chrome (Logjam Safe) Shortcut” Chrome (Logjam Safe) – Downloaded 123 times – 1 KB

Chrome (Logjam Safe).lnk

  • MD5: C689CABE8887CD8187CAAFA395DBCF2B
  • SHA1: EE2E1D54BA3DF586406BB13CA3E35E41A130745B

Original content and screenshots on this page are licensed under a Creative Commons Attribution 3.0 License (