Chrome malware crackdown extends to Windows and Mac dev channels


Google is requiring more Windows-based Chrome extensions to be installed from its Web Store and will enforce the same requirement on Mac users in a few months in an attempt to prevent users from inadvertently installing malicious titles.

The move comes a year after Google first required Windows users to download extensions from the Chrome Web Store, a mandate that resulted in a 75-percent drop in user support requests seeking help uninstalling unwanted extensions. The policy wasn’t enforced on the Windows developer channel, so developers of malicious extensions have increasingly embraced it as a medium for distributing their wares.

On Wednesday, Google said that all extensions for Windows were required to be hosted on the Google site, and starting in July, the same will apply to all extensions for OS X, Jake Leichtling, Google’s extensions platform product manager, wrote in a blog post. Google will continue to allow inline installations, in which a third-party website seamlessly links to an extension that is actually hosted on Google. Google will also continue to permit installations by large organizations through its enterprise policy.

Wednesday’s move came six weeks after Google removed more than 200 extensions and labeled most of them malicious.

Source: ArsTechnica