Google will soon be releasing a version of its Chrome browser that will automatically block insecure plug-ins from running. This move is part of an ongoing effort to secure users from attacks that exploit bugs and vulnerabilities found in these plug-ins, which can be used by malicious websites to compromise systems.
The ability for users to install browser plug-ins has long been a double-edged sword. While plug-ins can enhance the functionality of a browser, they also introduce potential security risks. Users often find it challenging to keep their systems fully patched and secure, especially when dealing with multiple plug-ins from various developers.
Advanced Sandbox Design
The Google Chrome browser has one of the most advanced sandbox designs of all browsers. This design is crucial in stopping attacks by running individual windows and plug-ins in a separate process with limited access to the operating system kernel. By isolating each process, Chrome minimizes the potential damage that can be caused by a compromised plug-in. This sandboxing technique is a significant security feature that sets Chrome apart from many other browsers.
Proactive Measures by Other Browsers
Mozilla has recently addressed this problem by notifying users who run out-of-date add-ons. This notification system helps users stay informed about the status of their plug-ins and encourages them to update to the latest versions. However, Google is taking a more aggressive approach by blocking outdated and insecure plug-ins altogether. This proactive measure aims to prevent potential security breaches before they can occur.
The Google security team has stated that this feature will be implemented in the ‘medium term.’ This timeline suggests that users can expect to see these changes in upcoming versions of the Chrome browser. In addition to blocking insecure plug-ins, Chrome will also assist users in finding updates for the plug-ins it deems out-of-date. This dual approach not only enhances security but also ensures that users have access to the latest features and improvements offered by plug-in developers.
Implications for Users and Developers
For users, this new feature means a more secure browsing experience with less risk of encountering malicious exploits. However, it also means that users will need to be more vigilant about keeping their plug-ins up-to-date. The automatic blocking of insecure plug-ins will serve as a reminder to regularly check for updates and ensure that all installed plug-ins are from reputable sources.
For developers, this change underscores the importance of maintaining and updating their plug-ins. Developers will need to ensure that their plug-ins meet the security standards set by Google to avoid being blocked. This could lead to an overall improvement in the quality and security of browser plug-ins available to users.
In conclusion, Google’s decision to automatically block insecure plug-ins in its Chrome browser is a significant step towards enhancing user security. By combining advanced sandboxing techniques with proactive measures to block and update plug-ins, Chrome aims to provide a safer browsing environment. This move is likely to set a new standard for browser security and encourage other browser developers to adopt similar measures.
Via The Register
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.