Google Chrome To Kill Browser Code Injection By 2019

Image: Google

Stability and security are two properties you want in a browser. The Chromium team, which works on the core software that powers Google Chrome, is introducing a change in July 2018 that will improve both aspects for the browser by denying third-party programs from injecting code into the application.

Code injection sounds like a bad thing in general, but it does have its uses — live debugging, for example. For day-to-day browsing activities, the arguments for are much weaker, weak enough for Chris Hamilton of the Chrome Stability Team to post the following news:

In July 2018, Chrome 68 will begin blocking third-party software from injecting into Chrome processes. If this blocking prevents Chrome from starting, Chrome will restart and allow the injection, but also show a warning that guides the user to remove the software. Finally, in January 2019, Chrome 72 will remove this accomodation [sic] and always block code injection.

According to Hamilton, the change is primarily being made to improve Chrome's stability, with code injection increasing the odds of a crash by 15 per cent. The unspoken benefit is that it'll be harder for malicious programs to hijack the browser.

While full-on injection blocking is a year away, this gives the likes of antivirus vendors time to update and test their applications so they don't misbehave once the final "lockdown" is applied.

Reducing Chrome crashes caused by third-party software [Chromium Blog, via ZDNet]


Comments

Be the first to comment on this story!

Trending Stories Right Now