Skip to main content

Chrome has a security problem — here’s how Google is fixing it

Google Chrome icon in mac dock.
PixieMe / Shutterstock

Google is looking to get ahead of high-severity vulnerabilities on its Chrome browser by shortening the time between security updates.

The brand hopes that more frequent updates will give bad actors less time to access and exploit n-day and zero-day flaws found within Chrome browser code.

As of Wednesday, the brand has rolled out Google Chrome 116, which includes the new schedule. Previously a bi-weekly update, Chrome will now be treated to weekly security updates.

With the open-source nature of Chromium, anyone is able to access the Chrome browser source code, “submit changes for review, and see the changes made by anyone else, even security bug fixes,” Google said on its security blog.

Typically, community members from Google’s Canary and Beta channels notify the brand of various issues of stability, compatibility, or performance that can be addressed before stable updates are sent to the public. This openness is double-edged; however, as bad actors have the same access as good-faith users, allowing them real-time details on vulnerabilities before updates are deployed to a wide range of public users. If taken advantage of, such an attack is called an n-day exploitation.

This is why Google hopes shortening the time between security updates can assist in deterring nefarious users from gaining information about vulnerabilities in Chromium code. Usually, the time between security updates is used for testing prior to a public release. Google first observed this to be an issue in 2020 when its patch gap between updates was approximately 35 days. It then shifted to a biweekly update schedule with the release of Chrome 77.

The brand noted this latest schedule still won’t deter all n-day exploits but can minimize them further. In practice, more frequent security updates offer less time for bad actors to exploit flaws that require detailed paths and more development time. Over time, there is also the likelihood that bad actors will find ways to create faster exploits.

There is also the possibility that the frequency of security updates could eventually truncate even more, with patches being deployed as soon as they’re available.

Google stated it now tackles “all critical and high severity bugs as if they will be exploited.”

Even so, the brand has come to see n-day exploits as just as dangerous as zero-day exploits, which are vulnerabilities that were previously unknown and therefore unaddressed with a patch or update.

Google also recently announced its plans to enable separate Chrome browser support for ChromeOS as of the ChromeOS 116 release. This update would especially benefit Chromebooks, extending the netbooks far longer than their typical software lifespan. The ChromeOS 116 release is scheduled for August 22.

Editors' Recommendations

Fionna Agomuoh
Fionna Agomuoh is a technology journalist with over a decade of experience writing about various consumer electronics topics…
Google’s Incognito Mode is in trouble
Google Chrome incognito mode screenshot

Google could soon be on the hook for deleting the private data of millions of users if the proposed settlement of a class action lawsuit is approved, according to The Verge.

The settlement proposal is part of the Brown v. Google lawsuit, for which the tech giant has agreed to “destroy or de-identify” the web browsing data it has saved from people utilizing the “Incognito Mode” feature on the Google Chrome browser. Google would be responsible for deleting billions of records and making sure undeletable records are not associated with individual users.

Read more
Wi-Fi not working? How to fix the most common problems
the fbi wants you to reboot your router insecure getty

Wi-Fi problems can strike anyone at any time, no matter how much networking experience you may have. But if you've not come across a particular Wi-Fi issue before, there's no need to worry if you don't know how to fix it. All you need are the right tools and a few tips, and you'll be able to solve your Wi-Fi problem in no time.

Whether you're experiencing problems with slow internet, Wi-Fi signal dropping, or you just can't connect to Wi-Fi at all, here are some of the quickest and easiest fixes you can try. We'll also cover some advanced advice on more troubling issues that would definitely result in your Wi-Fi not working at all, or at slower speeds.
Basic Wi-Fi troubleshooting checklist
If you have a non-specific problem with your Wi-Fi or don't consider the problem serious enough to investigate more in-depth problems, consider the items on this list as a great way to start fixing your problem.

Read more
How to use Google Gemini, the main challenger to ChatGPT
The Google Gemini AI logo.

Google's Gemini AI chatbot has quickly become one of the major players in the generative AI space. Despite its rocky start, Gemini is one of the only true competitors to ChatGPT. Here's everything you need to know about it.
What is Google Gemini?
Google first introduced its AI endeavor as Bard in March 2023 in a free and experimental capacity. The chatbot was originally run on the LaMDA large language model (LLM).

In August 2023, it introduced Google Duet as an enterprise option featuring AI-inundated Workspace apps, including Gmail, Drive, Slides, Docs, and others.

Read more