More malicious extensions cause Google to tighten Chrome policy on Windows, Mac

This is why we can't have nice things: Malicious Chrome extensions are getting through the loophole of Google's Chrome Developer channel.
Written by Kevin Tofel, Contributor

Google's openness keeps closing, little by little. Don't blame the search giant though.

Instead, point your angst at programmers that make malicious extensions for the Chrome browser. Google said on Wednesday it will take another step to protect users from such extensions by forcing all of them to be hosted on the Chrome Web Store.

This policy actually started a year ago, but left an open loophole: Extensions could be installed outside of the Chrome Web Store for those running the Developer channel of the Chrome browser.

With its announcement today, Google is closing that option as well as extensions running on the Developer channel will face the same store restriction as the Chrome Beta and Stable channels.

We originally did not enforce this policy on the Windows developer channel in order to allow developers to opt out. Unfortunately, we've since observed malicious software forcing users into the developer channel in order to install unwanted off-store extensions. Affected users are left with malicious extensions running on a Chrome channel they did not choose.

The new policy will immediately be enforced for Chrome on Windows, while Chrome for Mac will follow in July.

Google says that local installation of extensions will still be supported so that developers can test their work. For those that want to deploy Chrome extensions in enterprises or schools, there's still a procedure to do so.

Editorial standards