Skip to main content
  1. Home
  2. Computing
  3. News

Chrome has a security problem — here’s how Google is fixing it

Fionna Agomuoh
By
Google Chrome icon in mac dock.
PixieMe / Shutterstock

Google is looking to get ahead of high-severity vulnerabilities on its Chrome browser by shortening the time between security updates.

The brand hopes that more frequent updates will give bad actors less time to access and exploit n-day and zero-day flaws found within Chrome browser code.

Recommended Videos

As of Wednesday, the brand has rolled out Google Chrome 116, which includes the new schedule. Previously a bi-weekly update, Chrome will now be treated to weekly security updates.

Related

With the open-source nature of Chromium, anyone is able to access the Chrome browser source code, “submit changes for review, and see the changes made by anyone else, even security bug fixes,” Google said on its security blog.

Typically, community members from Google’s Canary and Beta channels notify the brand of various issues of stability, compatibility, or performance that can be addressed before stable updates are sent to the public. This openness is double-edged; however, as bad actors have the same access as good-faith users, allowing them real-time details on vulnerabilities before updates are deployed to a wide range of public users. If taken advantage of, such an attack is called an n-day exploitation.

This is why Google hopes shortening the time between security updates can assist in deterring nefarious users from gaining information about vulnerabilities in Chromium code. Usually, the time between security updates is used for testing prior to a public release. Google first observed this to be an issue in 2020 when its patch gap between updates was approximately 35 days. It then shifted to a biweekly update schedule with the release of Chrome 77.

The brand noted this latest schedule still won’t deter all n-day exploits but can minimize them further. In practice, more frequent security updates offer less time for bad actors to exploit flaws that require detailed paths and more development time. Over time, there is also the likelihood that bad actors will find ways to create faster exploits.

There is also the possibility that the frequency of security updates could eventually truncate even more, with patches being deployed as soon as they’re available.

Google stated it now tackles “all critical and high severity bugs as if they will be exploited.”

Even so, the brand has come to see n-day exploits as just as dangerous as zero-day exploits, which are vulnerabilities that were previously unknown and therefore unaddressed with a patch or update.

Google also recently announced its plans to enable separate Chrome browser support for ChromeOS as of the ChromeOS 116 release. This update would especially benefit Chromebooks, extending the netbooks far longer than their typical software lifespan. The ChromeOS 116 release is scheduled for August 22.

Editors' Recommendations

Topics
Fionna Agomuoh
Fionna Agomuoh
Computing Writer
Fionna Agomuoh is a technology journalist with over a decade of experience writing about various consumer electronics topics…
The most common GPU problems and how to fix them
A hand grabbing MSI's RTX 4090 Suprim X.

If you use a desktop PC or laptop for long enough, chances are you're going to come across one of the common GPU problems that have plagued gamers and workers since the humble graphics card debuted for the first time. The question is, do you know how to fix them? If not, never fear. We're here to help.

Whether you're encountering poor performance, overheating, visual artifacts, or a dreaded black screen, we're going to help you diagnose and fix these common GPU problems.

Read more
The most common motherboard problems, and how to fix them
An Asus motherboard with a Phanteks NEON LED strip surrounding it.

Your computer’s motherboard is one of the most vital components in your PC’s chain of command. Think of it as the brain of your entire system, handling everything from processors and graphics cards to power distribution and local memory. If your computer’s been running slower than normal, and you’ve done everything you can to clear your cache, cookies, and other digital debris, then there’s a good chance your motherboard may be the culprit. 

Fortunately, there’s a couple of methods you can use for getting your motherboard back in working order, and we’re going to walk you through each part of the process.

Read more
Google may build Gemini AI directly into Chrome
The Google Gemini AI logo.

Google is now fleshing out its newly unified Gemini AI system in its browser with its first attempt at implementing Chat with Gemini into the Chrome Omnibox.

This latest effort will update Google Chrome with a Chat with Gemini shortcut in the Chrome Omnibox, allowing users to access the AI chatbot feature without having to go to the Gemini website, according to WindowsReport. The Omnibox serves as an address bar and search bar, and it adds multiple other tasks to a browser. Now with a simple @ prompt, you can also access Google's AI chatbot to answer questions, create images, and generate summaries, among other tasks.

Read more