Category Archives: Chrome

Google’s efforts to clean up ad injection on the web

A recent post on the Chrome blog discusses Google’s efforts to clean up the growing problem of ad injection on the web.

From the post: “Ad injectors are programs that insert new ads, or replace existing ones, into the pages you visit while browsing the web.” If you’re seeing a lot of advertising on all the sites you visit, and much of it seems unrelated to the site, your computer may be running one or more ad injectors.

Ad injectors are unwanted software that is surreptitiously installed on victims’ computers through a variety of tricks, including “marketing, bundling applications with popular downloads, outright malware distribution, and large social advertising campaigns.”

The ad injection ‘ecosystem’ is complex, and at any given time there are thousands of injection campaigns affecting web surfers.

To combat this problem, Google has identified 192 apps as contributing to ad injection systems and removed them from the Chrome Web Store. Improvements in the Chrome Web Store and Chrome itself help to protect against ad injection software. Google is also reaching out to advertising networks to assist them in eliminating ad injection. Most importantly, Google’s AdWords network policies have been tweaked to make it more difficult for the perpetrators of ad injection schemes to promote malicious software.

Security updates for Adobe Flash and Reader

Updates for Flash and Reader/Acrobat, released earlier today by Adobe, address a variety of security vulnerabilities “that could potentially allow an attacker to take control of the affected system.”

Flash 17.0.0.188 includes fixes for at least eighteen vulnerabilities, all of which have been flagged as Critical.

Adobe Reader/Acrobat version 11.0.11 addresses seven Critical vulnerabilities.

Anyone still using Flash in a web browser should update Flash as soon as possible. If you use Adobe Reader to open PDF files from unknown sources, you should update Reader as soon as possible. As usual, newer versions of Internet Explorer will auto-update, as will Chrome (to version 42.0.2311.152).

Chrome and Internet Explorer add security features

A new extension for Chrome called Password Alert helps users recognize when they’ve unknowingly entered their Google/Gmail password on a phishing web page. The extension does this without itself compromising security. If you use Chrome, this extension is highly recommended. You can find the extension in the Chrome Web Store. Bruce Schneier has more.

Meanwhile, Microsoft is adding a feature to Internet Explorer that will warn users when they visit a site with ads that contain malware. The feature is expected to start working on June 1.

Update 2015May01: And just like that, Google’s Password Alert extension is shown to be extremely easy to bypass. Google issues an update, which is also shown to be seriously flawed.

Google extends Chrome support for Windows XP

Recognizing that millions of people are still using Windows XP, Google has extended support for that operating system in its web browser. That means Google will continue to develop fixes for security issues in Chrome running on Windows XP. Anyone still using Windows XP is strongly encouraged to stop using Internet Explorer, which is no longer supported by Microsoft, and use Google Chrome instead.

45 security issues fixed in Chrome 42.0.2311.90

The latest version of Chrome includes fixes for forty-five security vulnerabilities. According to the announcement, version 42.0.2311.90 also has improvements in stability and performance.

Starting with this version of Chrome, the old NPAPI technology used for plugins (including Java and Silverlight) is disabled by default. If any of your Chrome plugins still use this technology, you’ll need to enable them when the browser warns you.

Google clamping down on malicious Chrome extensions

If you use Google’s web browser Chrome, and you’ve noticed that some extensions are causing problems, take heart. Google recently discovered that about 200 Chrome extensions are injecting ads in deceptive ways, often leading users to malware. These extensions have been killed by Google, and measures have been taken to prevent this type of abuse in the future. Note that Google doesn’t explicitly bar ad-injection extensions; however, such extensions are subject to certain limitations.

If you suspect that your installation of Chrome is running one or more of these rogue extensions, your best bet is to uninstall Chrome completely and reinstall it.

Update 2015Apr09: Google’s efforts to identify and remove problematic extensions are ongoing. More announcements of this type are expected. For example: the extension ‘Webpage Screenshot’ was found to be collecting user data inappropriately, and was also killed.

Chrome 41.0.2272.101 released

On March 19, Google announced version 41.0.2272.101 of its Chrome web browser. The announcement doesn’t describe any changes, and only says that a ‘partial list of changes is available in the log’. The log is derived from the Git version control system used by Google to manage Chrome’s source code. As such, it’s difficult to parse for significant changes. It appears that only minor changes were made in Chrome 41.0.2272.101.