Microsoft Edge has an ever-growing selection of web extensions, thanks mostly to the browser now running on Chromium and allowing Chrome web extensions. However, Microsoft has removed some malicious extensions over the weekend after complaints from users.

Specifically, some Microsoft Edge users found Google Searches were redirecting them to oksearch.org/xa2/click.html and to other websites.

Users took to Reddit to warn of the problem and Microsoft was quick with a response. The company says the redirect was happening due to malicious extensions from the Microsoft Store. These extensions were acting as VPN clients even though they were not.

Discussing the issue on Reddit, Microsoft says the following fake VPN services were removed from the store:

  • NordVPN
  • Adguard VPN
  • TunnelBear VPN
  • The Great Suspender
  • Floating Player – Picture-in-Picture Mode

Avoiding Malicious Extensions

Of course, some of those names are real VPN services. However, the extensions are not official and were created to fool users. Microsoft Edge users with these extensions should remove them.

Microsoft points out there are likely more extensions doing the same. The company asked users to help find those malicious add-ons:

“If you have more than just these extensions, and continue to see ad injections, please reply to this comment with a list of your extensions so that the team can investigate further.”

One way to possibly avoid this problem is to download Edge extensions from the Chrome extension store. Microsoft Edge is based on the Chromium engine and supports add-ons from Microsoft and Google stores.

That said, it is not as if Google’s store is invulnerable.