In the last week there has been a tremendous malware campaign exploiting Browser extensions. Read more about it here –https://www.csa.gov.sg/alerts-advisories/alerts/2024/al-2024-107
Why Browsers?
Think about it – the browser is the single most random code execution environment on the endpoint. You go to a website and to render that website the browser downloads and runs client side code that executes on the endpoint in the browser. While many modern browsers implement sandboxing and there are mitigating techniques like Web Isolation – most of them do not offer much protection against extensions.
For organizations, securing Chrome extensions via Group Policy (GPO) is a robust way to maintain control over what can be installed on users’ browsers. Here’s how you can implement Chrome extension security using GPO.
Open Group Policy Management Console
On your domain controller, open the Group Policy Management Console (GPMC).
Right-click on the Organizational Unit (OU) where you want to apply the policy, and select Create a GPO in this domain, and Link it here.
Configure Extension Management Settings
In the GPMC, right-click your newly created GPO and select Edit.
Navigate to Computer Configuration > Administrative Templates > Google > Google Chrome > Extensions
Here, you can configure the following key settings, that will allow for effective management of Browser Extensions in Google Chrome
Configure extension installation blocklist: Use this setting to block specific extensions. You can specify extensions by their unique IDs, ensuring they cannot be installed on any Chrome browser managed by this GPO.
Configure extension installation allowlist: This setting allows you to specify which extensions are allowed. Only extensions listed here can be installed, which is particularly useful in a highly secure environment.
Configure force-installed extensions: If there are critical extensions that must be installed on all managed devices, use this setting. You’ll need to provide the extension ID and the URL of the Chrome Web Store or your custom extension source.
Using Group Policy to manage Chrome extensions is an effective way to enhance security within your organization. By controlling which extensions can be installed and ensuring that essential ones are automatically deployed, you reduce the risk of malicious extensions compromising your network.
This approach not only protects your users but also simplifies the management of browser security across the enterprise.
Security Bytes 