Google is implementing additional security measures to protect Chrome users from malicious browser extensions. Users will begin to see Safe Browsing malicious download warnings within the next week when attempting to download software that has been flagged as malicious, the search giant said in a recent blog post.
Those producing software with ill intent used to be able to take advantage of a setting in Chrome that allowed for silent extension installation by default. That feature, however, was disabled earlier this year starting with Chrome 25 which prompted malware makers to search for new installation methods.
Since then, attack methods have shifted to try and get around silent installation blockers by misusing Chrome's central management settings which are typically used by organizations to configure instances of the browser. By doing this, installed extensions are enabled by default and can't be uninstalled or disabled within Chrome. We are told that other variants include binaries that can directly manipulate Chrome preferences to enable silent installs and turn on extensions within these binaries.
Google said the new measures are designed to detect software that violates Chrome's standard mechanisms for deploying extensions. The recent security measures are said to expand Google's capabilities to detect and block malware that falls into this category.
Google points out that application developers should adhere to Chrome's standard mechanisms for extension installation. That umbrella includes the Chrome Web Store, inline installation and other deployment options.