AVG Chrome Extension Makes Users Vulnerable
You would think that installing extension that is bundled with your anti-virus software will make you more secure but as it turns out, at least in this case, it’s the opposite.
What are we talking about? The extension called WebTuneUp, which flags search results that might appear suspicious, although Google already does the very same thing, it looks like AVG did a pretty decent job at convincing that you need more protection.
And just as with every software, a new exploit has been found, as explained by Tavis Ormandy, “This extension adds numerous JavaScript API’s to Chrome, apparently so that they can hijack search settings and the new tab page. The installation process is quite complicated so that they can bypass the chrome malware checks, which specifically tries to stop abuse of the extension API. Anyway, many of the API’s are broken.”
Since then AVG patched the extension (it took them 4 days), but that’s what you get for bundling software with crapware.
[Via: Ars]
About (Author Profile)
Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.