Plugin Security Changes Coming To Google Chrome

Martin Brinkmann
Jun 30, 2010
Updated • Apr 23, 2015
Google Chrome

Integration of the Flash plugin and a native PDF reader in Google Chrome has been a controversial move. Some users liked the idea as it allowed them to access contents without having to install the necessary plugins first, others feared the worst, that Google would lack behind in updating the plugins whenever a security update would become available.

But fear is only one side of the medal. Users who are careless about the installed plugins are benefiting immensely from these internal plugins. They personally do not have to follow the latest security announcements to update their plugins the second a new update is issued, Google does that for them.

Chrome users who prefer not to use the internal plugins can disable them easily which means that everyone should be fine with the solution.

Chrome developers have added another powerful weapon to the web browser; plugin controls that allow users to whitelist plugins on domains and block them from running on all other sites.

The plugins will simply not work on other websites if configured correctly. That's beneficial to users who need Flash or another plugin on a handful of sites only but don't want it to run on all sites they visit.

Google does not stop there as several interesting additions to Chrome's plugin handling have been announced on the official Chromium Blog.

Google Chrome will protect users from outdated plugins. It will simply refuse to run them and aid users in updating plugins so that they can be used again in the web browser.

It is not clear how the plugin database will be maintained but it is unlikely that all plugins available worldwide are listed in it so that the most popular plugins are maintained in the database.

Protection from out-of-date plug-ins: Medium-term, Google Chrome will start refusing to run certain out-of-date plug-ins (and help the user update).

A second interesting feature is the ability to warn users of plugins that have been infrequently used in the past. Some plugins are installed by software or the user and never used in the web browser. Chrome will warn users about those plugins so that they can be deactivated in the plugin manager.

Warning before running infrequently used plug-ins: Some plug-ins are widely installed but typically not required for today’s Internet experience. For most users, any attempt to instantiate such a plug-in is suspicious and Google Chrome will warn on this condition

Those two additions can be very helpful and it is likely that other browser developers will offer those features in their browser eventually as well. Mozilla has already started to inform users about outdated plugins during updates.

To find out which plugins are recognized by Chrome currently, load chrome://plguins in the browser.

Additional information are displayed when you click on the details button. This allows you to change the state of each plugin among other things.

Plugin Security Changes Coming To Google Chrome
Article Name
Plugin Security Changes Coming To Google Chrome
Google revealed upcoming plugin-related changes in its Chrome browser that improve the handling of plugins in it.

Previous Post: «
Next Post: «


  1. hb860 said on July 5, 2010 at 9:06 pm

    Translated now and posted @my blog
    Thanks for great article.
    Ghacks rocks!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.