Google is planning to add a new feature to its Chrome browser that will block malicious downloads automatically, helping to prevent drive-by downloads and the kind of malware that rides along with supposedly legitimate software.

The new addition to Chrome already is in the development queue, appearing in the company’s Canary channel, which is the earliest development release available. The feature is meant to help protect users against the kind of malware that often is installed with users’ knowledge and make changes to their machines or install other malicious components such as keyloggers or Trojans.

With this new feature enabled, Chrome will show users a small notification in the bottom of the browser window, alerting them that a download has been blocked automatically.

“In the current Canary build of Chrome, we’ll automatically block downloads of malware that we detect. If you see this message in the download tray at the bottom of your screen, you can click “Dismiss” knowing Chrome is working to keep you safe,” Linus Upson, vice president of Google, said in a blog post explaining the changes.

“This is in addition to the 10,000 new websites we flag per day with Safe Browsing, which is used by Chrome and other browsers to keep more than 1 billion web users safe.”

Along with the addition of automatic malicious download blocking, upcoming versions of Chrome also will have a feature that will roll back users’ browser settings to the original state at the press of a button. This can help users recover from a malware infection that changes browser settings, resets home pages or prevents users’ from removing a plugin or extension.

“Bad guys trick you into installing and running this kind of software by bundling it with something you might want, like a free screensaver, a video plugin or—ironically—a supposed security update. These malicious programs disguise themselves so you won’t know they’re there and they may change your homepage or inject ads into the sites you browse. Worse, they block your ability to change your settings back and make themselves hard to uninstall, keeping you trapped in an undesired state,” Upson said.

“We’re taking steps to help, including adding a “reset browser settings” button in the last Chrome update, which lets you easily return your Chrome to a factory-fresh state. You can find this in the “Advanced Settings” section of Chrome settings.”

Image from Flickr photos of F Delventhal.

Categories: Malware, Web Security

Comments (9)

  1. LeeW
    1

    So, who defines malicious? My religious philosophy, my political ideology? These have always been declared “Malicious” or divisive, or any other maligned pronunciation by despotic,bankrupt anti freedom malignancies. Google? Already implicated as as a collaborator with the for-mentioned. And what about Googles purported collaboration with the Chinese governments tracking of dissidents calling for freedom?

    Sure, Chrome! A shiny reflection of what glitters is NOT always a good thing.

    Reply
  2. Kay
    2

    Lee, malicious refers to ‘malware laden’ in this case, it has nothing to do with ideology or philosophy. You clearly have no understanding of the subject at hand.

    Reply
  3. Sarah Gibbons
    3

    Please give me more details as to how exactly this works and if there are any costs involved. Please don’t have anyone call me, just send me an email reply. Thank you. Sarah.

    Reply
  4. who ever
    4

    lee, this wasn’t a philosophical question. This was a computer related issue with malware trying to silently install code with .exes from websites like adfly or shr77.com or heck even linkbucks is really bad about this

    Reply
  5. Dan
    6

    agreed – it’s horrendous for medium to advanced users. Lets you download, but then suddenly says “NO!!”

    now I’m off to find an add-in that blocks the blocker…..

    Reply
  6. Simon
    7

    This is indeed horrendous. My company is a small software publisher. Chrome says that our trial software “is malicious” and blocks it, when it is 100% clean. It has a digital signature. No other anti-virus or web-browser has any problems with it. And unlike all AV publishers, Google provide NO way system for reporting false positives (or none that we can find). This is outrageous. This has got to be actionable. I hope they end up paying out millions in class actions for this. They totally deserve to.

    Reply
  7. JimmyDee
    9

    Yeah, it’s great in general, but I want to know how to bypass it. I manage around 45 computers in our office and I occasionally need to download various different utilities. Today I was downloading a small utility to help do a quick and neat operation on an Outlook install (not a crack).

    Blocked by Chrome.

    Now I could go and disable the feature in settings, but considering we run a multi-language office and most of our users are Chinese, compared to me, a native English speaker, this is both annoying to have to deal with in Chinese Chrome and a waste of time because I really do not want the feature disabled, I just want to bypass it for a single download. Once I’m done, I don’t want to spend the time to set it back.

    Control-Clicking certain links would allow greater function. Don’t know why we can’t have that to bypass the security. Most dumb users won’t know about it and we can just use it when we need to.

    Reply

Leave A Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>