Google has increased security of Chrome OS by changing the way how third party extensions are installed on the OS.
Users were able to download third party extensions (.crx files) and trigger their installation by clicking on them. However, through an update, which was applied to all Chromium projects including the Chrome OS and Chrome browser, Google has blocked this behaviour in a bid to strengthen the security of its offerings and now users who click on these files will be served with an error message and a URL-redirect to Google Explanations page.
Google explained that the change in the installation process is to prevent websites, harmful or harmless, from automatically triggering extension installations. Google has asked third party developers to move their extensions to Chrome Store so that they can be analyzed by Google team.
The change with respect to extension installation hasn’t been implemented completely and users can install them by dragging them to extension page and reviewing the permissions requested.
Google has already announced that “starting in January on the Windows stable and beta channels, we’ll require all extensions to be hosted in the Chrome Web Store.”
