Chrome 117 to Introduce Extension Security Checks: A Bold Move Against Malicious Extensions

Google has officially announced that the forthcoming Chrome 117, scheduled for release next month, will introduce an extension security check feature.

This new safety functionality for Google's browser aims to alert users to potential issues with certain extensions, mitigating risks such as malicious extensions hijacking users or stealing information.

To promptly address some malicious extensions, this feature also offers preset configurations, allowing automatic deletion of detected harmful extensions to minimize their impact.

The new feature's scenarios are as follows:

1. If developers voluntarily remove an extension from the Chrome Web Store, the Google browser will include corresponding prompts in the extension security check.

2. If an extension violates Google's developer policy and is subsequently removed from the store, Google's browser will issue a notification to inform users.

3. If an extension is flagged as malicious or poses other risks, Chrome will display a notification and may also suggest user actions.

4. Users can manually configure this feature, offering options within privacy and security settings to automatically delete extensions or ignore warnings, even though the ignored extensions may still be disabled.

To avoid false positives, a review process is also provided:

Extensions that violate developer policies and receive user notifications from Chrome may quickly lose most users.

Considering the significant potential impact, Google offers a review, notifying developers of the violation first and providing time for rectification.

Only after exceeding the provided time or continued violation of developer rules, will Google mark the extension in the cloud and distribute it to all Google browsers.

However, extensions marked as malicious are treated differently and are generally marked and immediately pushed to the browser, where they may be disabled or deleted.