In an effort to increase users' security, Google no longer will allow extensions for its Chrome Web browser to be installed without the user's knowledge. The company also said it will make changes to how plug-ins in its official store are vetted, in order to mitigate the number of malicious apps that make it past Google's monitors.
" Extensions can sometimes influence and performance," the company wrote . "Many users have installed extensions from the Chrome Web Store, but some users have extensions that were silently installed without their knowledge."
The "silent" install feature, which affects only Windows machines, was intended to allow users to conveniently opt in to plug-ins that complemented another application. However, since "this feature has been widely abused by third parties," Google decided to kill it in its latest Chrome update. Thus, with Chrome 25, users will be prompted before any complementary plug-ins attempt to install themselves in conjunction with another app .
Google's changes also extend to how extensions from are installed. In the past, any site could prompt a user to download a plug-in, but again Google has reined in the process to prevent abuses and will require all plug-ins that don't come from the official store to be added via the Extensions page.
" Online hackers may create websites that automatically trigger the installation of malicious extensions," Google wrote in a . "Their extensions are often designed to secretly track the information you enter on the Web, which the hackers can then reuse for other, ill-intended purposes."