In order to eliminate crashes in Chrome, Google has implemented a new feature that reports "incompatible applications" to users after the browser crashes. These warnings are displayed for programs that inject code into the browser and prompt users to remove the incompatible applications.

BleepingComputer reported on this feature in November 2017 and explained how Chrome was adding alerts regarding programs that could cause instability in Chrome. This feature is gradually being rolled out in three phases, with it first showing users warnings after a crash, now prompting users to uninstall the applications, and eventually blocking the code injection altogether.

Phase 1 started in April 2018, when Chrome 66 started alerting users after a browser crash of programs that are injecting code.

Warning about Code Injection in Chrome
Warning about Code Injection in Chrome

Phase 2 began in July of 2018 with Chrome 68 and started displaying incompatible application alerts after Chrome crashed. These alerts list programs that inject code in some manner into Chrome and prompt users to remove the offending applications.

This phase has started recently and since then there have been numerous reports from users about these issues. You can see examples of these types of alerts below for Malwarebytes and BitDefender.

Malwarebytes listed as an incompatible application in Chrome
Bitdefender listed as an incompatible application in Chrome

Phase 3 is starting in January 2019 with Chrome 72 and will automatically block the code injection from these programs.

As this feature is gradually being rolled out, not all users will be seeing these messages yet. Over time, though, the feature will roll out to more users and if you use programs that inject code or hook into Chrome, you can expect to begin to see them after Chrome crashes.

If this feature is currently available, you can see a list of incompatible applications by enter chrome://settings/incompatibleApplications into the address bar in Chrome.  This will show a list of all detected programs and prompt you to remove them.

AV software commonly detected as incompatible applications

Since this feature was enabled in July, there have been an increasing number of reports about antivirus software being listed as incompatible applications by Chrome. Some of the antivirus applications that we have seen reported as incompatible applications include Malwarebytes, BitdefenderEset, Emsisoft, and AVG, IOBit, Avast.

The reason these applications are commonly listed is because security programs may inject code or hook functions in Chrome in order detect browser threats such as malicious downloads, sites, or exploits.

Strangely, there are many other programs that are also being listed as incompatible applications such as TortoiseGit 2.6.0.0 (64 bit), TortoiseSVN 1.10.0.28176 (64 bit), Stardock, Acronis True Image, Dropbox, FileZilla, Acer Power Manager software, and RocketDock. While antivirus software I can understand being listed, some of these programs are a bit surprising.

According to a Google dev who posted to a Google help forum question regarding these alerts, they have no way of determine programs who are innocently injecting code or purposely and will continue to report on all of them.

"Chrome dev here. This is related to a new feature that aims to prevent third party software from injecting into Chrome's processes and interfering with its code. This type of software injection is rampant on the Windows platform, and causes significant stability issues (crashes). The Microsoft Edge browser already does this kind of blocking, and we are in the process of making Chrome behave similarly. What you are seeing is the warning phase of year-long effort to enable blocking, originally announced in November 2017.

Since it is effectively impossible for Chrome to automatically determine whether any particular piece of software is innocently injecting or purposefully injecting and interfering with Chrome code. To keep things simple we warn about all injected software, without making value judgments. Note that soon we will actually start blocking software from injecting, at which point this warning will cease to show. Note that you should only be seeing these crashes if you manually navigate to the chrome://settings/incompatibleApplications page, or on a startup after the Chrome browser has crashed.

Additionally, this feature is currently considered experimental so not all users will see these warnings."

Should you remove incompatible programs listed by Chrome?

We have to remember that Chrome is adding this feature not only to prevent crashes in Chrome but also to protect users from malicious programs that may be injecting code into the browser. Therefore, users will need to judge whether a program should be removed or not when they see these alerts.

When it comes to security software, I would think more people would prefer to have a fully functional antivirus software on their computer with occasional browser crashes, rather than no protection at all. Therefore, if Chrome is displaying your antivirus software as an incompatible application, I suggest you ignore the warning for now.

On the other hand, if Chrome is listing programs that you do not recognize or use often, then it may be a good idea to remove them or at least do some research as to what they could be in case they are malicious.

At this time, Google has not provided a means to disable this feature and really should do so before January 2019 when it will automatically block code hooks. Ideally, Google will provide a method to whitelist programs, such as antivirus software or other programs that users wish to use alongside Chrome.

Bleeping Computer had contacted Google regarding this story over the weekend, but had not heard back at the time of this publication. This article will be updated as more information becomes available.

Via: WindowsLatest.com

Related Articles:

Internal Chrome Page Shows All Google Interstitial Warnings

Chrome 71 Will Warn Users about Deceptive Mobile Billing Pages

Chrome 71 Will Block All Ads on Abusive Sites in December

TLS 1.0 and TLS 1.1 Being Retired in 2020 by All Major Browsers

HP PCs Getting WDF_VIOLATION BSOD After Installing Windows 10 Updates