Google Chrome will warn users about password-protected malicious archive files

Google Chrome is now warning when users are about to download risky password-protected archives, and providing improved warnings with more specific information about potentially downloaded files. toxic potential.

Such new, more detailed warnings help users quickly understand the nature of the danger posed by each malicious file downloaded from the Internet. This is possible thanks to Google's successful implementation of a two-layer download warning system, which uses AI-powered malware judgment data sourced from the company's Safe Browsing service to help assess malware. Realistic risk pricing quickly.

Chrome users will see warnings about suspicious files or dangerous data (based on an assessment of high reliability and risk of harm to the user). There will be two levels of warnings, differentiated by icons, colors and text to help users easily stay informed and make the best choice for themselves based on the nature of the hazard and recommendations. by Safe Browsing.

Google hopes these improvements in clarity and consistency will lead to significant changes in user behavior, including fewer alerts being ignored, alerts being noticed faster, and end intent and better protect users from malicious downloads.

Google Chrome will warn users about password-protected malicious archive files Picture 1

​Chrome browser will also send suspicious files to Google's servers to conduct deeper scans for users with Enhanced Protection mode enabled in Safe Browsing, providing additional optimal protection.

When downloading password-protected archives (e.g. zip, .7z or .rar), users with Enhanced Protection enabled will be prompted for the password before sending the file for additional scanning through the service Google's Safe Browsing.

The company says files and file passwords uploaded to its servers will be deleted immediately after scanning, and all data collected will only be used to enhance security for all Chrome users.

Chrome users in Standard Protection mode will also be asked to enter passwords for downloaded archives. ​However, both the file and password remain on the local device, and "only the metadata of the stored content is examined using Safe Browsing," the Chrome Security team said.

Google Chrome will warn users about password-protected malicious archive files Picture 2

Thus, in this mode, users are still protected as long as Safe Browsing has previously detected and classified malware.

Today's announcement comes after Google redesigned the download experience on Chrome in August, to display warnings in the web browser's address bar as well as expand browser warnings and notifications to accommodate additional information.

However, despite the above assurances, many companies may still require employees not to provide Chrome with passwords for archive files containing company data, to prevent the possibility of data leaks.

Samuel Daniel

Update 28 July 2024