The Chrome browser continues its battle to remain the champion of web security and stability with clockwork-like updates, security patches and bug fixes. While many unsavory internet attacks may come from malicious software, often times browser instability is the result of user-installed, third-party software that doesn’t play nice with Chrome.
According to the Chromium blog, many applications “inject” code into Chrome as part of their interaction process with the browser. Developers report that Chrome for Windows users that have these types of software installed are 15% more likely to experience a browser crash from the code injection.
Beginning with Chrome version 66, developers will begin rolling out a 3-phase plan to eliminate these such instabilities. The goal will be to give third-party developers ample time to repackage their apps in a manner that will use extensions and native notifications to eliminated the need for code injection. Hence, preventing crashes at the source.
Slated for release in mid-April of 2018, Chrome for Windows 66 will be the first step in the process and will alert users after a crash that a third-party software was to blame for the issue.
The next update will launch with Chrome 68 in July and will block software from injecting code with the exception being if this action prevents Chrome from starting. In this case, Chrome will restart and allow the code to be executed.
The final phase will not happen until January of 2019 at which time all code injection will be blocked from Chrome with the exception of a small handful of instances. Microsoft-signed code, accessibility software, and IME software will not be blocked.
Given a year and some change to test their software, third-party developers have little excuse to not be prepared when the 3-phase rollout comes to completion. Testing in Chrome Beta is highly recommended by the Chromium developers to ensure a smooth transition to a safer, more stable web experience for Windows users.
Source: Chromium Blog