Google Follows Firefox With Chrome Plug-in Protection

Google has mirrored Mozilla’s actions after it bolstered Chrome’s security with a plan to block vulnerable plug-ins from launching.

“We’re working on tackling the problem of out-of-date plug-ins, starting with the two most widely used and targeted plug-ins,” a Google spokesperson told eWEEK. “Adobe Flash now ships with Chrome and is automatically kept up-to-date with Chrome’s powerful auto-update. And in our latest developer builds, PDF files are rendered internally by Chrome. The PDF solution will also be auto-updated and already runs inside the Chromium sandbox.”

Following Mozilla

The move by Google mirrors what Mozilla has been doing with Firefox. Mozilla started to check Adobe Flash Player plug-ins in fall 2009, and now checks a number of other plug-ins as well. If the plug-ins are out of date, they are blocked from loading.

In addition, Mozilla created a page that users can surf to that will check the security of their plug-ins regardless of what browser they are using.

Google did not say when the plug-in protection would make its way into Chrome, but it has already added the ability to disable individual plug-ins as well as to operate in a “domain whitelist” mode where only trusted domains are permitted to load plug-ins.

Flash Included

In addition, Google has included Adobe Flash with Chrome, a move that will allow the browser’s auto-update feature to minimise the window of risk for patched vulnerabilities.

“We’re seeing a remarkable swing towards attacks that target pieces of browsing infrastructure such as plug-ins,” members of Google’s Security Team posted on the company’s Chromium blog. “This may be because browsers are taking the lead on auto-update and sandboxing. Since many plug-ins are ubiquitous, they pose the most significant risk to our user base.”

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago