Google continues to improve the security of its Chrome browser, which is now serving over 310 million active users. Google has now added a browser security setting which they claim will prevent non-Chrome Web Store extensions from installing in the Chrome browser automatically. Google has also announced that it has also begun monitoring submissions to the Web Store. Why was Google not sanitising the extensions?
In the latest version of Chrome (it updates silently in the background, so no need for manual updating) users will have to verify that they want to download the 3rd-party ‘inline’ browser extension by adding them through the Extensions page. Google analyzes each and every extension that is uploaded to the Web Store, so if it finds an extension that is behaving maliciously it will remove it from the Web Store. Google however don’t have the ability to take down malicious items promoted on 3rd party websites. Read more...
Author
