Last December, the Czech anti-virus firm Avast found 28 extensions for the Google Chrome and Microsoft Edge browsers that contained malware. These extensions were advertised as tools to help people download pictures, videos, or other content from sites including Facebook, Instagram, Vimeo, and Spotify.
Chances are you are reading this on either Google Chrome or Microsoft Edge, and you likely have a few extensions installed in an attempt to improve your web browsing experience.
A recent blog post from Micah Cantor went deeper into the challenge extension developers have in keeping their software free of malware.
This article caught my attention for a couple of reasons;
- Cybersecurity, with yet another example of why we need to be vigilant; and
- Browser/app problems tied to some software apps.
Micah’s article begins:
Browser extensions inject functions and features into your browser. Those functions and features may be of value to you, but they may also be a source of problems.
There are several cybersecurity questions, which can be summed up as –
Do you know what browser extensions exist in your browser and what they are doing?
[if you do not know then you may want to ask your IT service provider]
When we have assessed custom software problems, I mean very “sticky” software problems, we have encountered several user bugs tied to browsers. As one example, app login problems have happened when browsers were not cleared or refreshed. Perhaps, your browser extensions are generating login or other operating problems.
Even if you are not experiencing browser operating problems, it would be good to know your browser extensions are not bringing hidden cybersecurity risks for you or your organization.