Google to put Chrome Frame to pasture in 2014

You're all using modern browsers anyway, right?


After four years Google is retiring Chrome Frame, its browser plug-in that embeds the Chrome HTML rendering and JavaScript engines inside Internet Explorer.

"It's unusual to build something and hope it eventually makes itself obsolete," Chrome engineer Robert Shield wrote in a blog post on Thursday, "but in this case we see the retirement of Chrome Frame as evidence of just how far the web has come."

Google first launched Chrome Frame in September 2009, around the same time it was betting that Google Wave – a complex browser-based chat app that relied heavily on web standards – would revolutionize online communications.

Wave wouldn't run on IE, which at the time led the industry in browser market share. So Google gave users a way to use IE and Chrome at the same time, by cramming Chrome into an IE tab.

At the time, Microsoft lambasted the move, claiming it would make IE inherently less secure.

"Given the security issues with plug-ins in general and Google Chrome in particular, Google Chrome Frame running as a plug-in has doubled the attack area for malware and malicious scripts," Microsoft wrote in a statement. "This is not a risk we would recommend our friends and families take."

Security experts doubted the risk, especially given how notoriously vulnerable IE was already. And Jeremiah Grossman of WhiteHat Security pooh-poohed the idea of Chrome-specific malware to The Reg, citing its "insignificant market share."

These days, of course, many metrics show Chrome as the leading web browser. And although IE's share has declined, even IE 10 performs far better with respect to web standards than did IE 8 in 2009.

"Today, most people are using modern browsers that support the majority of the latest web technologies," Shield wrote. "Better yet, the usage of legacy browsers is declining significantly and newer browsers stay up to date automatically, which means the leading edge has become mainstream."

For these reasons, Shield said, Google has decided that Chrome Frame is no longer necessary. As an alternative, he recommends you install Chrome or some other standards-compliant browser – or, if you still need to run certain web apps on an older browser, Shield recommends you use Chrome's Legacy Browser Support, which can be used to maintain a list of sites that should launch in a secondary browser, such as (shudder) IE 6.

Google says it will continue to maintain Chrome Frame throughout 2013, but it will cease all support and updates for it in January 2014. ®


Keep Reading

Microsoft emits 112 security hole fixes – including the cure for a Google-disclosed kernel vuln exploited in the wild

Patch Tuesday Android, Adobe, SAP, Red Hat join the bug-busting party

Microsoft will adopt Google Chrome's controversial Manifest V3 in Edge

Thought Microsoft would resist Google's ad-friendly tweaks to the browser extension API? Think again

Marketers for an Open Web ask UK competition watchdog to block launch of Google's anti-tracking Privacy Sandbox

Group claims adtech 'has nothing to do with privacy' but is rather an attempt 'to take control of the web'

Not just Microsoft: Auth turns out to be a point of failure for Google's cloud, too

Google has a better track record but the same issue: when authentication breaks, everything breaks

Google Firebase Cloud Messaging offers spam tier for some – no account required, just knowledge of bad security

All that's necessary is willingness to abuse server keys exposed in apps and some technical know-how

Microsoft reprieves SHA-1 deprecation in Edge 85 security baseline

Wait! What? Aaah ... legacy systems strike again, but won't get another bite

Google's home security package flies the Nest, Chocolate Factory pledges software support – for now

In brief Plus: Immigration lawyers for Mountain View breached, SonarQube hack worse than thought, and more

Another day, another Google cull: Chocolate Factory axes 49 malicious Chrome extensions from web store

Ongoing Chrome Web Store security saga deftly straddles tragedy and farce

Biting the hand that feeds IT © 1998–2021