Google Chrome web browser blocks Java, Silverlight and many other plugins in its latest version. The search engine giant today released the latest version of its Chrome web browser version 42. The latest version of Chrome will block Java and other NPAPI (Netscape Plugin Application Programming Interface) based extensions.
After working of more than a year, Google is finally ready to end the official support for NPAPI and block the relevant plugins like Oracle’s Java and many more. The company has been working on removing NPAPI support since 2013 and finally the latest update comes with a new API.
The official announcement made by Google Chrome team states,
“The Chrome team is overjoyed to announce the promotion of Chrome 42 to the stable channel for Windows, Mac and Linux. Chrome 42.0.2311.90 contains a number of fixes and improvements”.
Chrome 42 supports PPAPI, a new API and hence the incompatible extensions and plugins are blocked by default. NPAPI is an old and obsolete API and often leads to plugin crash/hang and other security incidents, hence Google decided discarding it in its latest web browser update.
Any content requiring NPAPI will not load on Chrome 42 and there won’t be any error messages either. But if you are using those plugins via the web browser, you might get a prompt to install a relevant plugin.
Furthermore, no NPAPI based plugins or extensions will be available in the Google Web Store, search results as well as in the category pages. Google urges the developers to update their NPAPI based extension to make them compatible to the latest Chrome 42.
Existing users can however, still use those plugins by re-enabling them directly in their web browser. Just type Chrome://flags on the address bar, scroll down and locate NPAPI settings and click on enable. Restart the browser and you can use those plugins. Google will disable the support completely by coming September and users can use the NPAPI based plugins till then.
Chrome 42 also brings many bug fixes, security updates, and functionality improvements. Many security vulnerabilities are also addressed in the latest update including Cross-origin bypass, Scheme issues, Open Search, HSTS bypass in Web sockets and more.
Chrome user? Take a look at this Google Chrome tips & tricks post.
I’m using that version of Chrome at the moment. I just went to “Browserscope” and found, with Chrome being “vanilla” insofar as “ScriptDefender” and other xxs-type extensions, that it scored 16/17 re security; as usual, it failed the “toStatic HTML API” test, which (in absence of any known way to alter Chrome’s settings or of any protective extension) pretty much means that a user is still susceptible to having a homepage or search engine hijacked by a malicious site or link,
In addition to the usual ability to “reset to default” should a hijack occur, I believe in this version of Chrome a small window opens at time browser changes, allowing you to both know it happened and immediately reset. For now, it’s become a replacement to me for Firefox, which even “vanilla” has been having problems with many sites…mainstream sites; also, it was crashing instead of closing, or often running in background despite closing.
My only concern is for eventually making it impossible to allow even one instance of Java, Silverlight, et al; I just tried “vanilla” Chrome at some corporate and government sites I know use Silverlight for public info web apps; at some Chrome gave me a constant “wait” wheel in tab bar, but pages functioned normally; I tried with up-to-date IE11, and got the same results minus wait wheel. Should any browser however come to treat all “lazy coding” or Java/Silverlight as if it were de facto malicious, ala Firefox functionality could be lost at some common sites…an impetus for webmasters to do better, perhaps, in a time 74% of sites affected by Heartbleed last year still have the vulnerability, e.g..
Thanks for a great article, hope I said something that matters, cheers to all!
I really hate such radical changes. Forced UI changes and stuffs like that really bother me.
Switch to Palemoon, is like Firefox or Chrome, less the lame radical changes like these one listed here.
Here’s to Chrome dying a slow miserable death and Google with it. I don’t think they’ll win this battle unfornately. Too many enterprises depend on Java.
Well there goes our support of chrome. One of our main products uses Silverlight. I’ve always recommended Chrome to our customers. Looks like now we are going to have to recommend IE or Firefox since there is no way we can rewrite this software.
How can such a radical change occur without prior notification. There is obviously no customer care or consideration. We use Silverlight for our UI and promoted the use of Chrome. We will now be recommended IE, Firefox or any other browser.
Nonsense!!! Blocking Silverlight?! REALLY???????? I’m beyond annoyed…I’ve used Chrome for quite some time now and have all my bookmarks and passwords saved, organised and all in one (which increased my productivity)…and now will have to switch it all to Firefox…all Chrome did for me is now pretty much ruined…RIDICULOUS!!!
wow. You know, I resisted switching over to Chrome (from Firefox…I was a diehard until it started getting wonky on me about a year ago) for longer than many. But we use Google Drive for SO much at work (I’m a teacher), so I finally took the plunge. And now this. Now what? Back to Firefox? Ugh.