Google is about to double the amount of Red Bull and Mountain Dew it supplies its hordes of engineers, as it’s just announced it will be cutting the time between updates for its Chrome browser in half. The move by Google is an attempt to bolster the security of the world’s most popular web browser against malicious activity, a job that never ends. The company hopes that by reducing the time between patches or updates, it will be able to shorten its “patch gap.”
Previously Google had established a bi-weekly schedule for Chrome updates but will now release updated versions of its browser every week. This is a pattern for Google, which has been reducing this so-called “patch gap” for several years. According to ZDNet, back in 2021, the time between updates was 35 days. Chrome 77 bumped that up to a bi-weekly cadence. For reference, the most current version is 115, and the new update schedule will start with Chrome 116, which should be out soon for testing but not for public release until bugs are squashed.
Get used to seeing the familiar “Relaunch to Update” icon in your Chrome browser. Credit: Google
Google’s main issue regarding its browser’s security is that it uses the open-source Chromium browser, giving anyone in the world access to the source files. Google also lets anyone view the notes and comments on upcoming fixes still in testing, allowing anyone to see what changes are being made and develop new exploits. With Chrome being the most-used browser in the world across numerous platforms, including desktop and Android, this situation makes it a ripe target for ne’er-do-wells.
The “patch gap” pertains to the time between a zero-day vulnerability being fixed by Google before a public release and a hacker developing an exploit that targets people who have not yet updated their machines. When this happens, the exploit goes from a Zero Day into an “N-day,” a zero-day that has been fixed, but someone who hasn’t updated their browser could become a victim.
Google hopes that offering more frequent updates will reduce this “patch gap.” In the future, the company will stick to its current schedule of monthly “milestone” releases. However, in between those big updates, there will now be weekly security updates, according to the announcement.