Google will block Chrome add-ons from third-party sites
Posted on 17 July 2012.
Google has instituted a new rule that should keep Chrome users safe from malicious add-ons: starting with version 21.0.1180.41 (currently in beta), the browser will block all third-party extensions, apps, and user scripts that are not hosted on the Chrome Web Store.


The move is aimed at preventing the all-too-popular attacks mounted through booby-trapped websites that automatically trigger the installation of malicious extensions. These extensions often keep tabs on what pages the user is visiting.

Google is looking to check all third-party extensions that are submitted to the Chrome Web Store for signs of malicious functionality.

The inline install option that allows third-party extensions hosted in the store to be downloaded through the developer's own website will still be available.







Spotlight

Implementing an effective risk management framework

How do we balance the benefit of the free flow of information with the risk of inappropriate access and/or disclosure? What are the consequences of not doing so?


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Mar 26th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //