Is the Browser Up to Date?

catskull1 pts0 comments

Is your browser up to date?

catskull.net

Check it right now. Is it up to date?

One of my personal interests is monitoring people’s browser update status. We have regular company calls where people will share their screen and all of the major browsers make it extremely obvious if the browser needs to be updated. Chrome especially makes it entertaining to monitor just how outdated it is. I wish I had a screenshot but I don’t. In the top right corner there will be a little badge that will be green/yellow/red depending on how outdated it is.

I’ve also casually asked friends and coworkers if their browser is updated and virtually none of them had an updated browser at the time of asking. This is across not only Chrome users, but Firefox, Brave, and whatever other hipster Chromium upstarts people like to use as well.

Interestingly, Sam initially claimed his Safari was out of date, but then realized it was updated somehow without him even knowing how or why. It seems that Safari is unique in that Apple ships Safari updates as OS updates and with the default update behavior, macOS automatically updates reliably. At least anecdotally.

I can’t say I know for sure why seemingly every running instance of Chrome is perpetually outdated, but I have a few hunches.

First, Google ships Chrome updates very frequently. As in, like, every other day. Google maintains a blog detailing the updates for various versions of Chrome. It looks like they shipped an update today - July 16, 2026. Included in it are three critical CVE patches and four high patches. The previous update was literally two days ago on July 14. It included two criticals and twelve highs. For what it’s worth, Firefox publishes security advisories and the most recent critical vulnerability was patched on July 14 as well. The page is a bit hard for me to parse, but it appears the last critical patch was back in May of this year. That isn’t to say that Firefox is inherently more secure than Chrome, just that for whatever reason Firefox ships fewer critical fixes. Reasons might include Firefox actually being more secure, fewer people looking for vulnerabilities, or Firefox fixing fewer of the vulnerabilities that are reported to them. I don’t actually have any knowledge or insight into those specifics, I just want to make it clear I’m not calling out Chrome or Firefox here specifically. It should be assumed that major vulnerabilities exist in all software at any point.

Second, Chrome does not automatically update. It automatically downloads the updates, but the user is required to manually exit and relaunch Chrome. The UI makes this fairly simple to do, but it seems that for whatever reason, users simply don’t do this. People keep a few tabs open at all times for whatever web apps they need for their work and don’t want to close them ever. Fear of losing data? I don’t know. It feels a bit ironic to me that in the day of everything being a cloud service, users are afraid of losing their data. We’re so far gone past the Windows 95/98 days of yore where a full system reboot was required at least once a day, if not more frequently. I think if Chrome actually relaunched itself automatically the amount of up to date Chrome instances would go to 100% overnight. I’m not sure why it doesn’t do this, perhaps there is some operating system technical constraint, perhaps Google simply doesn’t want to interfere with people’s lives. And it’s not like Firefox (or other Chromium based browsers) do this any better. Is it just the industry standard way of updating a browser?

Third, Chrome seems about equally likely to ship a 4GB AI model as it is to fix critical vulnerabilities. Because Google is an advertising company, their primary motivation will always be profit at whatever cost they can get away with. I’m not sure what the average Chrome user’s sentiment is towards Google, but considering they’re willing to manually install Chrome on their operating system, they must have some level of trust in Google software. Still, I wonder if this is part of the hesitation. They’re not sure what random changes might have shipped in Chrome and they don’t want to disrupt their workflow. That’s a fair standpoint, in my opinion. I think it also applies to the other browsers as well, not just Chrome.

There are no silver bullets, especially in technology. Everything has tradeoffs. On one hand, I believe that the modern web browser is the most sophisticated and complex software that has ever existed. It’s quite literally miraculous. On the other hand, this means the potential pool of exploitable users is larger than it’s ever been. There’s more incentive for bad actors than there ever has been, period. It’s a tragedy of the commons.

However, I will call out Chrome specifically here. Interestingly, Wikimedia publishes their own browser usage share stat. Cloudflare also reports this metric. The Wikipedia page on “Usage share of web browsers” shows that Wikimedia reports 53.9% of their...

chrome browser firefox people updates google

Related Articles