Google ditches Chrome Cleanup Tool for Windows systems • The Register

Google ditches Chrome Cleanup Tool for Windows systems • The Register


Google is bidding adieu to an application that enabled Chrome users on Windows systems to get rid of unwanted software.

The Cholocate Factory’s Chrome Cleanup Tool was introduced in 2015 – initially as a standalone product and later integrated into the Chrome browser – and has run more than 80 million cleanups over the past eight years.

But newer tools that can protect surfers and a changing threat landscape are making the Chrome Cleanup Tool increasingly irrelevant, so with the release this week of Chrome 111 for Windows (and for Mac and Linux, for that matter), the cleanup app was swept out.

“Starting in Chrome 111, users will no longer be able to request a Chrome Cleanup Tool scan through Safety Check or leverage the ‘Reset settings and cleanup’ option offered in chrome://settings on Windows,” Jasika Bawa, product manager with Google’s Chrome Security Team, wrote in a post. “Chrome will also remove the component that periodically scans Windows machines and prompts users for cleanup should it find anything suspicious.”

According to Google’s Unwanted Software Policy, most of the applications that fall into that category include such characteristics as being deceptive or tricking users into installing it, affecting the user’s system in unexpected ways, being difficult to remove, and collecting or transmitting private information without the user’s knowledge.

The Chrome Cleanup Tool likely won’t be missed by too many users. The number of complaints about unwanted software on Windows has steadily dropped in recent years, averaging about 3 percent of total complaints over the past year, Bawa wrote.

The number of discoveries of unwanted software on Windows systems has also fallen off, with only 0.06 percent of Chrome Cleanup Tool scans run by users in February finding such software.

That said, there are any number of apps and tools that can be used to protect users from malware. Microsoft offers its Defender Application Guard browser extension, for example.

Google also automatically provides what Bawa said are more proactive tools, including Google Safe Browsing and antivirus software, both of which block file-based unwanted software. Users can also turn on Enhanced protection, another security tool that shares real-time data with Safe Browsing to protect against dangerous websites and downloads.

Most filed-based unwanted software has moved to extensions, which Google tries to weed out through a review process for the Chrome Web Store, she wrote.

The other change dooming the Chrome Cleanup Tool is the shift by threat groups to stealing identities and compromising credentials to get into corporate networks rather than through malicious software. In the browser space, that has included an emphasis on cookie theft.

“As such, we’ve doubled down on defenses against such malware via a variety of improvements including hardened authentication workflows and advanced heuristics for blocking phishing and social engineering emails, malware landing pages, and downloads,” Bawa wrote.

Cybersecurity firm Sophos said in a report last year that the increased use of multi-factor authentication (MFA) has hindered miscreants’ ability to use stolen credentials to grab user account names and passwords.

“Attackers are increasingly turning to stealing the ‘cookies’ associated with credentials to clone active or recent web sessions – bypassing MFA in the process,” researcher Sean Gallagher wrote.

This comes against the backdrop of the once-simmering competition between Google and Microsoft in AI that ramped up rapidly in the last few months with Microsoft’s introduction of the ChatGPT chatbot into Bing – and many other parts of the Microsoft empire – and Google’s counterpunch with Bard. ®

You May Also Like…