Google to take security page from Mozilla's Firefox
Bangalore: Recently, Google said that it will take a page from Mozilla's security playbook and block outdated plug-ins from launching in its Chrome browser, part of a new effort to keep users safer.
Chromium is the name of the open-source development project that feeds into the Chrome browser. Google did not spell out when the blocking of outdated plug-ins would be added to Chrome, saying only that it would happen in the medium-term. Nor did the Google engineers specify which plug-ins would be blocked. Chrome will assist users in updating old plug-ins, they said.
Chrome will also display a warning when a site calls on an infrequently-used plug-in, said Chris Evans, Julien Tinnes and Michal Zalewski of Google's security team. "Some plug-ins are widely installed but typically not required for today's Internet experience. For most users, any attempt to instantiate such a plug-in is suspicious and Google Chrome will warn on this condition."
Google did not reply to requests for clarification and more information on the timeline of the impending changes to Chrome. By making this move with Chrome, Google is following in the footsteps of Mozilla, which has already equipped its Firefox browser with the ability to block outdated plug-ins.
Both Mozilla and Google have said the new features represent a response to the rapid increase in the number of attacks against vulnerable plug-ins, especially Adobe's Flash Player and estimates, attacks against browser plug-ins, particularly Adobe's popular Reader PDF viewer, are quickly climbing. In the first quarter of 2010, PDF exploits accounted for 28 percent of all malware-bearing attack code, antivirus vendor McAfee said in April.
In other security arenas, Chrome is already ahead of Firefox. For example, Google's browser now automatically updates Adobe's Flash Player behind the scenes. And two weeks ago, Google added an integrated PDF viewer to the "developer" build of Chrome for Windows and Mac.