In association with heise online

06 April 2011, 12:10

Chrome to block downloads of hazardous .exe files

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

As well as sounding the alarm when navigating to a nefarious web site, in the future the Windows version of Google's Chrome browser will block downloads of infected .exe files. Users will, however, still be able to override this feature and download them anyway.

This feature is essentially an extension of Google's Safe Browsing API, which involves querying an additional list of malicious download links. The same data protection guidelines apply – Google does not see the URL, as the browser queries a local list first and only in exceptional circumstances sends the hash of a URL to Google's servers for checking.

The new feature is currently only implemented in the development version of Chrome for testing on a small scale. Google is hoping to be able to offer it to a wider public in the next stable release. Although this feature make anti-virus software redundant, it is another element in Chrome's comprehensive approach to security.

Zoom If they wish, users can ignore the warning and download the file anyway.

Chrome's sandbox already makes it difficult for attackers to exploit security vulnerabilities to infect Windows systems. At the last Pwn2Own contest, Chrome – alongside Firefox – remained unhacked. Chrome also includes its own PDF reader, allowing users to dispense with the Adobe Reader plugin – a frequent target for attacks. The integrated Flash Player also runs in its own sandbox.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit