Google has enacted a new policy that will prevent users from any extensions they didn’t download from the Chrome Web Store, claiming the measure will “protect Windows users from [a malware] attack”.
The change means any browser extensions users have already downloaded and installed from other sources will be automatically disabled, and won’t be able to be enabled until they appear in the Chrome Web Store.
The changes are designed to prevent malware from secretly installing unwanted plugins on users’ computers.
Google notes developers will still be able to install local extensions during development, installs via Enterprise policy users won’t be affected, and the change will not be implemented on operating systems other than Windows (such as Mac OS-X or Linux).
In a post on Google’s official Chrome blog, engineering director Erik Kay advises website owners to use a feature called inline installs if they want to offer users Google plugins.
“Malware can change how browsers work by silently installing extensions on your machine that do things like inject ads or track your browsing activity. If you notice strange ads, broken web pages or sluggish browsing after installing some new software or plugins, you could be affected,” Kay says.