Reported as being on the browser’s long list as long ago as April 2011, the version 17 beta includes the ability to relate known malicious websites detected using the software’s Safe Browsing API, blocking downloads hosted on such domains.
The release notes mention only .exe and .msi files as being covered, but the developers offer hope that this will be extended over the course of 2012.
“Remember, no technical mechanism can ever protect you completely from malicious downloads. You should always be careful about which files you download and consider the reputation of their source,” said Google developer, Dominic Hamon.
In other words, the effectiveness of the technology will always depend on the ability of the central Safe Browsing system to quickly detect which domains are suspect, and that’s never going to be perfect.
The feature will also be able to block downloads from domains identified as being sources of malicious files, which covers legitimate domains that have been hijacked to host malware.
The benefit of the new security layer is to protect against files the user agrees to download without realising the danger in doing so, a common element of many fake anti-virus programs to pick one scenario.
The Chrome 17 beta also shows off the software’s new address bar which will in some cases be able to start loading web pages before the full address has been entered.
If the algorithms determine that the site is likely from the entered text, Chrome will be able to pre-render them, reducing loading times to near instant, Hamon said.