Site icon Emsisoft | Cybersecurity Blog

Why does Chrome flag Emsisoft Anti-Malware as incompatible?

Chrome blocking incompatible applications

In November 2017, Google Chrome began rolling out an experimental feature to warn users about apps that might be causing instability in the browser. These alerts are designed to help you identify and remove software on your computer that is injecting code into Chrome, with the aim of making your browser more stable.

As the name implies, injecting code is the act of introducing code to an application. Many applications need to inject code in Chrome in order to function properly, but Google claims that users with software that injects code into Windows Chrome are 15% more likely to experience crashes. Consequently, the search engine giant is making moves to block all applications that inject code into its browser.

As the feature enters Phase 2 of the rollout, an increasing number of people are seeing the following popup window when their browser crashes:

While it’s nice to see Google improving the stability of the most popular browser on the planet, there is one problem with the feature in its current state: there’s nothing inherently malicious about injecting code into your browser. Sure, some malicious software relies on manipulating browser processes, but so do hundreds of legitimate applications – including, yes, Emsisoft Anti-Malware.

So, should you remove Emsisoft Anti-Malware if you see the above pop up?

Short answer: NO. Emsisoft Anti-Malware is not causing your browser to crash. Rather, Chrome’s new security feature is unable to distinguish between malicious and legitimate code. When Chrome crashes, it simply lists all apps that inject code.

Why is Emsisoft Anti-Malware triggering an alert in Chrome?

As noted, the new feature is designed to make Chrome more stable. However, instead of checking which programs are actually triggering problems, Chrome takes a blanket approach, warning you of any and all applications that are injecting code into the browser and encouraging you to remove the software in question – whether or not it’s actually malicious.

Emsisoft Anti-Malware, along with dozens of other antivirus software, uses code injections to monitor your browser for potentially malicious threats. Chrome identifies this behavior as interfering with the browser’s code and therefore lists Emsisoft Anti-Malware as an incompatible application when the browser crashes. Of course, the inverse is actually true: Emsisoft Anti-Malware is actively keeping you safe when you use Chrome and on the Internet in general.

This feature might seem a little over zealous but, according to a Google developer, it’s the only option as it’s impossible for Chrome to automatically determine if a piece of software is injecting code innocently or maliciously.

“Chrome dev here. This is related to a new feature that aims to prevent third party software from injecting into Chrome’s processes and interfering with its code. This type of software injection is rampant on the Windows platform, and causes significant stability issues (crashes). The Microsoft Edge browser already does this kind of blocking, and we are in the process of making Chrome behave similarly. What you are seeing is the warning phase of year-long effort to enable blocking, originally announced in November 2017.

 

Since it is effectively impossible for Chrome to automatically determine whether any particular piece of software is innocently injecting or purposefully injecting and interfering with Chrome code. To keep things simple we warn about all injected software, without making value judgments. Note that soon we will actually start blocking software from injecting, at which point this warning will cease to show. Note that you should only be seeing these crashes if you manually navigate to the chrome://settings/incompatibleApplications page, or on a startup after the Chrome browser has crashed.

 

Additionally, this feature is currently considered experimental so not all users will see these warnings.”

Should you uninstall “incompatible applications”?

If you’re an Emsisoft customer, you might have some questions about Chrome listing Emsisoft Anti-Malware as an “incompatible application”.

There is no need for concern, and there is no need to remove Emsisoft Anti-Malware from your system. Our software is not causing your browser to crash, and it is certainly not injecting anything malicious into Chrome. It is simply being listed due to the way Emsisoft Anti-Malware detects browser threats. Unfortunately, there is currently no way to disable this feature. Your best bet is to ignore alerts for Emsisoft Anti-Malware and any other legitimate software installed on your computer.

However, if Chrome issues an alert for a program that you’re not familiar with, it might pay to do your homework on what the software actually is before making an informed decision about whether to remove it.

You might not have seen one of these alerts yet, but that could change in the months ahead as Google rolls out the feature to more users. You can see if the feature is available to you by entering chrome://settings/incompatibleApplications into the address bar in Chrome. This will display a list of all programs that inject code into Chrome.

You’ll stop seeing the alerts in January 2019 when Phase 3 arrives and Chrome automatically starts blocking programs that inject code into the browser. We’ll keep you updated on any developments.

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

Have a great (malware-free) day!

Exit mobile version