Google Chrome Frame makes IE less secure, says Microsoft


The recent release of an open source project that allows Google's Chrome browser to run from within Microsoft's Internet Explorer has the Redmond based company up in arms. Called Google Chrome Frame, benchmark tests have already shown that using it allowed IE8 to run almost 10 times faster, at least where JavaScript performance is concerned. In addition, it also adds HTML 5 support to IE in the same manner.

To utilize the plug-in, Chrome Frame and Google Chrome must first be installed. Once done, tapping into Chrome is as simple as modifying the URL of a site with a "cf:" preface. In addition, Chrome can also be called by a website using a single HTML tag. According to Google, the plug-in is necessary in order to get IE to support advanced web applications.

While the company is obviously not keen on it, Microsoft also feels that the plug-in makes Internet Explorer less secure. A spokesperson told Ars Technica that Microsoft has "made significant advancements and updates to make our browser safer" and that Google Chrome Frame doubles the potential vulnerability point for malware and scripts.

While part of what Microsoft says sounds like PR talk, it is also logical and makes sense on a technical level. However, as Emil Protalinski pointed out in the Ars Technica article referenced below, the plug-in also works for IE6 and IE7, both of which are much less secure than IE8. In such a situation, the use of Google Chrome Frame might ironically make IE more secure.

For more on this story:
- check out this article at Ars Technica
- check out this article at Computerworld

Related Articles:
Google Chrome 3.0 arrives
Google unveils Chrome cloud synchronization plans
Google's Chrome defies hackers
No rush to move Chrome in the enterprise