Google bypasses admin controls with latest Chrome IE
-{ Quote: " (http://www.wilderssecurity.com/)Google has released a new version of Chrome Frame – the Internet Explorer plug-in that turns Microsoft's browser into a Google browser – letting users install the plug-in even when they don't have administrator privileges on their machines. (http://www.wilderssecurity.com/)" }-
http://www.theregister.co.uk/2011/06/21/google_chrome_frame_installs_without_admin_rights/
(http://www.wilderssecurity.com/)

Why does your sentence and quote link to Wilders?

Anyways, this looks quite useful, I might slip it on my school computer (which still uses the snail IE8 ).

-{ Quote: "Why does your sentence and quote link to Wilders?
" }-

I was wondering the same thing.

Anyway, interesting nonetheless. Can't say I would use it however.

What exactly does this product do?

It's an IE plugin that replaces the rendering engines with Chrome's WebKit and V8.

That's awesome.

So, is this good news or bad news? ::)

Microsoft would say bad news.

Google would say good news.

Hmmm,

Google frame is essentially nothing more than a regular BHO with the exception of taking up the entire IE client rect and taking advantage of the IWebBrowser2 COM interfaces. However... just imagine the possibilities here... malware could hijack the entire rendering process with a customized 'rendering frame' ... just imagine what type of advertisements would be possible if Adware have complete control of an entire html/css/java rendering engine.

I predict that this will drive System Administrators crazy. Perhaps some of them will go postal. Just imagine spending several hours deploying group policies for internet explorer on all of the office workstations... google frame will instantly bypass all of them. Sure it will be possible to globally disable "Allow third-party browser extensions" but it might not be feasible for all office environments. The only other option is to disable the google frame GUID. But then you can bypass this by simply recompiling google frame with a new GUID.

My suggestion for Microsoft would be to add a new group policy. "Only allow signed browser extensions".

Best Wishes,
-MessageBoxA

-{ Quote: "Why does your sentence and quote link to Wilders?" }-

I have no clue ::) Something must have gone wonky when I was putting in the link to the article ???

-{ Quote: "What exactly does this product do?" }-

It's been around a while, but what's new, and the reason for the article, is now Google figured out how to get it to work for users without admin rights.

-{ Quote: "I predict that this will drive System Administrators crazy" }-

It already does. This news was announced a few months back and all I've heard is rage. :(

I don't see why Google found it necessary to do this. Keeping it admin-only should have been good enough.

Has anyone at Wilders used it?

To what extent does it replace having the Chrome browser installed?

-{ Quote: "Has anyone at Wilders used it?

To what extent does it replace having the Chrome browser installed?" }-

I am using it for months, but I dont use IE for other than updating Windows. But yeah, I dont like the way they add google update in startup and scheduled jobs. Other than that, in my experience it is good, especially I am seeing much improvement of time its taking to update windows. I have a lot MS products installed, and it used to take at least 30 min to check for updates even when the computer is almost idle, sometimes even 45 min. But after installing Chrome Frame, its down to 10 min. Loading time of BHOs have improved too. While testing via browserscope, it detects the Chrome Frame and the results are same as of respective Chrome build. But I am not sure how sandboxing works via Chrome Frame and if there are any potential problems for this "hybrid" activity.

The rendering speed is quite good and can confirm my current setup doesn't have any problems with it as far I have tested. Prevx SafeOnline works too with this. But remember, it sets to check for updates each hour!!! It can be checked in Scheduled Jobs, but after each update this will be added again. Also it needs to be allowed to connect to net, it did not work here when I disallowed to connect.

Note: If checked using Secunia, it detects Chrome Frame as Chrome's actual installation and recommends to update if available.

-{ Quote: "I am using it for months, ../." }-

Thanks for sharing :)

What I'm getting at is to what extent Chrome Frame can replace the Chrome browser. So what will happen to the built-in Flash and PDF Reader? Will these be there assuming CF is installed on a Win PC that has never had the Chrome browser installed?

If there's a FAQ on CF, I'd appreciate a link. I haven't come across one.

Here you go:

http://www.chromium.org/developers/how-tos/chrome-frame-getting-started/chrome-frame-faq

-{ Quote: "Here you go:

http://www.chromium.org/developers/how-tos/chrome-frame-getting-started/chrome-frame-faq" }-

Thank You very much!

-{ Quote: "Does Google Chrome Frame handle the display of all websites when I install it?
No, only sites that explicitly opt-in to using it will take advantage of its capabilities.

I installed Google Chrome Frame and I think I’m on a site that uses it. How do I tell?
If you right-click on the page, you should see an item at the bottom of the context menu that reads “About Chrome Frame...”.

If I install Google Chrome Frame will it break any websites I use?
No, Google Chrome Frame only kicks in when a website explicitly requests it. When visiting websites that aren’t Google Chrome Frame enabled, your browsing experience remains completely unchanged.
" }-

Okay, that's a bit of a downer :(

But there's this near the end ...
-{ Quote: "Will Google Chrome Frame make Internet Explorer less secure?
When a web site uses Google Chrome Frame as a renderer it gets to utilize almost all of Chrome’s security infrastructure including sandboxed renderer, sandboxed plug-ins, safe browsing and so on. Google Chrome Frame is auto updated with every Google Chrome release and more than 90% of its users are updated within a week.

Now imagine that you have a set of Internet Explorer 6 machines and it was possible to deploy Google Chrome Frame to render everything by default except a few intranet sites that work only with IE6, what would you get?

The enhanced security of sandboxed renderer, sandboxed flash/PDF, effectively replacing IE with Google Chrome’s rendering engine whilst browsing the wild, wild Internet.
Legacy compatibility of Internet Explorer whilst accessing intranet sites.
Industry-leading response rate for high and critical risk reported vulnerabilities.
Google Chrome’s auto update strategy that is speedy and easy to administer.Luckily such a mode is available, read more about it here: Chrome Frame as a default renderer." }-

On balance, my hasty conclusion is that there's no point in going the CF route if there's the freedom to install a regular Chrome browser.