Google announced today that Chrome is now adopting weekly Stable channel updates in an effort to block major exploits quicker. 9to5Google reports: Google’s browser gets major “milestone” updates every four (previously six) weeks, like going from version 100 to 101. In the past, Chrome would get a “Stable Refresh” update to “address security and other high impact bugs” in-between milestones every two weeks. This is now changing to occur weekly between milestones, starting with Google Chrome 116 on desktop and mobile, so that security updates get to end users much faster. Since Chromium is an open source project, “anyone can view the source code, submit changes for review, and see the changes made by anyone else, even security bug fixes.” […]
The current patch gap is around 15 days. It was previously 35 days before switching to patch updates every two weeks in 2020. Google expects weekly patch updates to result in security fixes shipping “3.5 days sooner on average, greatly reducing the already small window for n-day attackers to develop and use an exploit against potential victims and making their lives much more difficult.” This new schedule will also result in fewer unplanned updates that occur when there are known in-the-wild exploits: “By now shipping stable updates weekly, we expect the number of unplanned updates to decrease since we’ll be shipping updates more frequently.”
