Google is testing a new feature in its Chrome browser that will warn users when they attempt to download a potentially malicious executable file. The feature is an extension of the existing Web-based security mechanisms the company has integrated into Chrome and the Safe Browsing API and will be available to all users later this year.
The new warning about malicious executables is based on the data that Google collects and publishes in its Safe Browsing API, which is used in most of the major browsers, including Firefox and Safari. Google security officials said that the new warning mechanism is meant to help protect users against sites that use bait-and-switch tactics to entice them into downloading malicious files by promising seemingly legitimate content.
The company is testing the feature with a small portion of its Chrome users right now in preparation for making it available to the user population at large later.
“This warning will be displayed for any download URL that matches the latest list of malicious websites published by the Safe Browsing API. The new feature follows the same privacy policy
currently in use by the Safe Browsing feature. For example, this
feature does not enable Google to determine the URLs you are visiting,”
“We’re starting with a small-scale experimental phase for a subset of our
users who subscribe to the Chrome development release channel, and we
hope to make this feature available to all users in the next stable
release of Google Chrome. We hope that the feature will improve our
users’ online experience and help make the Internet a safer place.”
A lot of phishing sites and rogue anti-virus sites use the kind of techniques that Google is trying to protect against with the new warnings, telling users that they need to download a security update or new digital certificate or browser plug-in in order to proceed with some other action. If the Chrome warning works as intended, it could help prevent a lot of malware infections and other attacks.
Google officials said that the initial test of the malicious download warning will detect malicious Windows executables, but that may expand to other files over time.
