Google Follows Firefox With Chrome Plug-in Protection

Google has mirrored Mozilla’s actions after it bolstered Chrome’s security with a plan to block vulnerable plug-ins from launching.

“We’re working on tackling the problem of out-of-date plug-ins, starting with the two most widely used and targeted plug-ins,” a Google spokesperson told eWEEK. “Adobe Flash now ships with Chrome and is automatically kept up-to-date with Chrome’s powerful auto-update. And in our latest developer builds, PDF files are rendered internally by Chrome. The PDF solution will also be auto-updated and already runs inside the Chromium sandbox.”

Following Mozilla

The move by Google mirrors what Mozilla has been doing with Firefox. Mozilla started to check Adobe Flash Player plug-ins in fall 2009, and now checks a number of other plug-ins as well. If the plug-ins are out of date, they are blocked from loading.

In addition, Mozilla created a page that users can surf to that will check the security of their plug-ins regardless of what browser they are using.

Google did not say when the plug-in protection would make its way into Chrome, but it has already added the ability to disable individual plug-ins as well as to operate in a “domain whitelist” mode where only trusted domains are permitted to load plug-ins.

Flash Included

In addition, Google has included Adobe Flash with Chrome, a move that will allow the browser’s auto-update feature to minimise the window of risk for patched vulnerabilities.

“We’re seeing a remarkable swing towards attacks that target pieces of browsing infrastructure such as plug-ins,” members of Google’s Security Team posted on the company’s Chromium blog. “This may be because browsers are taking the lead on auto-update and sandboxing. Since many plug-ins are ubiquitous, they pose the most significant risk to our user base.”

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago