'ExtensionInstallForcelist' Chrome Policy is Being Abused by Shady Add-ons

Google Chrome policies are behind-the-scenes settings that both users and add-on developers can use to fine-tune various parts of the Google Chrome experience. However, there is a questionable policy, which contains a list of extensions that are 'force-installed.' But what does this mean? According to the official Chromium documentation, force-installed apps:

  • Are installed silently.
  • Do not require user interaction for their installation.
  • Cannot be deleted or uninstalled by the user.
  • Permissions that the extension asks for are granted automatically.

Needless to say, this is a major security concern, which could ruin your Web browsing experience if a low-quality add-on gets to add itself to this list. Unfortunately, this has happened numerous times and continues to happen today. Some of the suspicious add-ons to make use of the 'ExtensionInstallForcelist' Chrome Policy are Search Marquis, Search Baron, Safe Finder, and others. Typically, these add-ons serve the purpose of promoting a 3rd-party search engine by configuring it as the default search engine or new tab that Chrome uses.

'ExtensionInstallForcelist' May Make Manual Removal of Add-ons a Challenge

Usually, such add-ons are removable manually, but the 'ExtensionInstallForcelist' Chrome Policy prevents this. If a user tries to remove the suspicious add-on from the extension manager, they will encounter the 'Managed by your organization' Chrome Warning.

Since this is a browser-specific issue, it can bother users of not just Windows but also Linux and Mac. The good news is that regardless of how hard such add-ons try to make their removal difficult, their attempts will be in vain if the user ends up running a reputable security tool. Modern anti-malware products will help you remove suspicious add-ons abusing the 'ExtensionInstallForcelist' Chrome Policy.

April 30, 2021

Leave a Reply