Google Chrome Users Take at least One Month to Update

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457
Researchers reported Monday that the vast majority of Chrome users take close to a month to install a new patch – something that’s a cause for concern amid an increase in the number of zero-day attacks on Chrome browsers in the past year.

In a blog posted by Menlo Security, researchers found that while Chrome 87 was released on Nov. 17, 2020, it took at least a month for 84% of customers to update their browsers. The same trend was observed with Chrome 88, which was released on Jan. 19, 2021, but also took a month until 68% of customers updated. Vinay Pidathala, director of security research at Menlo Security, said the researchers pointed out the lag, because of 10 zero-days actively exploiting browsers in the wild during 2020, four were directed at Chrome. “We find that zero-day exploits can work against any application,” Pidathala said. “Attackers target applications that have global and widespread adoption. We think that going forward we will see more zero days against Chrome because of its market dominance.” And starting January 2020, Microsoft’s Edge browser became based on Chromium, Pidathala added. Developing an exploit for Chrome now gives the attackers a much larger attack surface to go after.
 

mlnevese

Level 26
Verified
Top Poster
Well-known
May 3, 2015
1,531
That's why forced updates are becoming so common on all security critical software. It's not about you, technical savvy user but the greater amount of people who would NEVER update otherwise creating a real security risk not only for themselves but for everyone else.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
This genuinely baffles me.
Chrome downloads updates automatically but requires the browser to be closed and reopened to apply those updates. So for that 84% to not be updated to Chrome 87, they would've had to not close Chrome or shut down their systems for that entire month. o_O
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I got the understanding that this 84% applies to customers using the Menlo Security platform, which is probably Enterprises.

Then there is Chrome for Enterprise, which manages updates differently.

Could be wrong, but I don't think anyone should be worried.
It finally makes sense. Can't be that most home users go a month without shutting down their computer.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top