Google steals security page from Mozilla's Firefox

Google will take a page from Mozilla’s playbook and block outdated plug-ins from launching, part of new efforts to keep Chrome users safer, the company said Monday.

In a post to the Chromium blog , a trio of Google security engineers announced that Chrome would refuse to run plug-ins if they were found to be out of date, and thus, potentially vulnerable to exploitation of known bugs.

Chromium is the name of the open-source development project that feeds into the Chrome browser.

Google did not spell out when the outdated plug-in blocking would be added to Chrome, saying only that it would take place “medium-term.” Nor did the Google engineers specify which plug-ins would be blocked. Chrome will assist users in updating old plug-ins, they said.

Chrome will also display a warning when a site calls on an infrequently-used plug-in, said Chris Evans, Julien Tinnes and Michal Zalewski of Google’s security team. “Some plug-ins are widely installed but typically not required for today’s Internet experience,” they said. “For most users, any attempt to instantiate such a plug-in is suspicious and Google Chrome will warn on this condition.”

You can read the full article here.