Plug-ins can open vulnerabilities in even relatively secure browsers like Chrome. Even coders, like Jeff Atwood, can fall victim. Here’s how to reign in plug-ins like Java, or disable them entirely, in Google Chrome.
At question-and-answer site Super User, Atwood explains how a Java plug-in left him vulnerable to fake antivirus software installing without permission—even after he tried to shut down an installation request. Users pointed out Chrome’s ability to either set plug-ins as “click to play”, or having certain plug-ins disabled entirely.
Super User has other sound suggestions on what one can do to minimise or eliminate plug-in vulnerabilities, like disabling Java entirely (done from the chrome://plugins page), or installing a 64-bit plug-in that your system doesn’t actually know is available. What have you seen as a proper level of security when it comes to browser plug-ins?
Disable Java Plugin in Google Chrome? [Super User]