Software versions that take too long to be updated have become a real gift for attackers. When there are weeks between one version and the next, known vulnerabilities remain, ready to be exploited; these scenarios have led to cases like the fake Chrome updates. Because of that, Google has decided to drastically shorten the release times and will now launch new versions of Chrome every two weeks., instead of the monthly cycle it has maintained since 2021.
This change means that those who use the browser will have to restart Chrome much more frequently on their computers and mobile devices if they want to be truly protected. The stated goal is clear: to reduce the time cybercriminals have to exploit vulnerabilities already detected internally or responsibly by external researchers, without sacrificing a stable browser for everyday use.
When do the bi-weekly updates begin, and which versions will be affected?
According to internal company documentation and public announcements, The new bi-weekly cadence will begin on September 8, 2026 with Chrome 153That day will mark the first major milestone of the new calendar, with a stable version that will be born under this accelerated scheme.
The change It will be applied uniformly across all major platforms.Windows, macOS, Linux, Android, and iOS. Chrome for desktop and mobile will continue to receive versions through the usual channels (Stable and Beta), but with a new two-week release schedule.
Google has made it clear that The Dev and Canary channels will not change their current operation.These test environments, which already receive builds several times a week, will continue to be the playing field for developers and users who want to be one step ahead, with more experimental and less polished changes.
In parallel, the company will maintain the weekly security updatesThese patches allow critical updates to be distributed even between major versions. These fixes, introduced in 2023, will continue to be rolled out incrementally to quickly close the most urgent vulnerabilities.
This is how the new Chrome channel scheme looks.
The Chrome ecosystem isn't limited to a single version. Google manages different distribution channels to adapt the browser to very different profiles, from home users who just want stability to technical teams that need to test changes before deploying them to production.
| Update Channel | Version frequency | Security patches | Main audience |
|---|---|---|---|
| Stable | Every 2 weeks (since Chrome 153) | Weekly | General users and companies with agile deployment |
| Extended Stable | Every 8 weeks | Included in each version | IT departments that prioritize stability |
| Beta | Aligned with Stable (2 weeks) | As needed | Testers, QA and web developers |
| Dev / Canary | Several releases per week | Variable | Enthusiasts and advanced code testing |
To Organizations that cannot keep up with the frenetic pace of bi-weekly releasesGoogle maintains the Extended Stable channel. This roadmap, designed for fleets managed on Windows and Mac, maintains an eight-week cycle per major version, with security patches already integrated into each update.
The company's own corporate documentation emphasizes that Extended Stable is geared towards corporate environmentsThis environment requires a longer timeframe for testing internal applications, assessing compatibility, and deploying changes in stages. Management relies on centralized policies and administrator-specific installation packages.
As for the ChromebookGoogle has indicated that releases will continue to depend on platform testing, with "extended release options" for managed devices. The manufacturer will adjust these channels in parallel with the new browser cycle, although details are still lacking on exactly how ChromeOS versions will sync with the browser's bi-weekly release schedule.
Security in the spotlight: less room for attackers
The background to this entire movement lies in the open war against security breachesThe longer a known vulnerability remains unpatched, the easier it is for an attacker to develop and distribute a working exploit. That's why Google has been working tirelessly for years.
Until 2021, major versions of Chrome were released approximately every six weeks. After that, it switched to a cycle of four weeks per main version, accompanied by constant improvements in fault detection. Since 2023, moreover, The browser receives specific weekly security patches to quickly correct critical vulnerabilities without waiting for the next milestone.
With the arrival of the bi-weekly model, Chrome further reduces the window of opportunity for cybercriminalsFewer days between releases means less time to exploit vulnerabilities that have already been identified internally or responsibly by external researchers.
This is especially relevant considering that Chrome holds approximately two-thirds of the global browser marketThis dominance makes Google's software a prime target for all kinds of attacks, from credential theft to the silent installation of malicious extensions or malware on the operating system.
Recent experience shows that this is not a theoretical fear. In recent months, Google has been forced to publish emergency updates to correct serious vulnerabilities in multimedia components, development tools, and internal libraries. Some of these flaws, identified with codes such as CVE-2026-0628 or the CVE-2026-3061/3062/3063 series, could allow anything from unauthorized memory access to the execution of malicious code.
Extensions, AI, and new risk fronts
The problem no longer lies solely in the browser's core code. The rise of features based on artificial intelligence integrated into Chrome itself and the reliance on third-party plugins has opened up new attack vectors that require constant vigilance.
In one of the most high-profile cases, Google had to to fix a very high severity vulnerability that affected the Gemini side panelits AI assistant. The flaw allowed previously installed extensions to manipulate that space and potentially gain unauthorized access to information handled by the tool.
They have also been detected malicious extensions capable of stealing data from thousands of usersSuch as QuickLens, which masqueraded as a legitimate utility until it was discovered to be silently exfiltrating information. These incidents have reinforced the idea that security reviews should be almost continuous.
In this context, The new bi-weekly release schedule fits with a strategy of much more frequent checks.Security patches can be quickly integrated into a near-stable release, instead of accumulating for a month or more, reducing the likelihood of a vulnerability lingering for weeks on millions of computers.
The less visible side is that This dynamic is pushing Google and other manufacturers to rely more and more on automated diagnostic and testing tools.Manually reviewing all changes at that speed would be impractical, so much of the final stability ends up in the hands of automated analysis and testing systems.
What does this change mean for businesses, developers, and Chromium-based browsers?
For systems managers in large organizations, the new pace is not insignificant. Test each new version of Chrome against the clock Avoiding surprises in internal applications, intranets, or critical tools becomes a top priority challenge.
IT departments that choose to follow the Stable channel will have to automate your testing and deployment processes as much as possibleUsing centralized management solutions, group policies, and CI/CD platforms that systematically integrate browser testing, Extended Stable will remain the most sensible option for many, sacrificing speed of adoption in exchange for fewer surprises.
The web developers and extension creators They'll also notice the change. With a new beta and stable version every two weeks, the time available to verify that an update doesn't break anything on their sites, apps, or plugins is reduced. Google has already announced that Chrome Beta for each version will be released three weeks before the stable release.Therefore, it is recommended to use that margin for compatibility testing.
For those who build alternative browsers based on Chromium (Edge, Brave, and others), the impact can be significant. By shortening the time between milestones, these projects will have half the time to integrate changes to Chrome's codebase, adapt their own functions and go through complete internal testing cycles.
This narrower margin can reinforce reliance on automated integration processes and, in some cases, cause certain new features to take longer to reach third-party browsers. The other option, excessively accelerating the merging of changes, could result in more issues such as crashes, high memory consumption, or conflicts with popular extensions.
How can users and organizations prepare for the new pace?
On a practical level, Individual users will hardly have to do anything Beyond keeping automatic updates enabled and restarting the browser when Chrome prompts you, the updates will be smaller and more frequent, so in theory they should be less annoying than the large downloads of the past.
Companies and technical teams, however, do have several areas to review. Among the most reasonable measures in response to the new pace are:
- Review what critical dependencies they have with Chrome, from internal applications that only work well in this browser to custom corporate extensions.
- Follow official information channels closely, such as the Chrome Releases blog and the Chromium release dashboard, to anticipate changes that may affect their services.
- Integrate automated cross-browser testing in its development pipeline, so that each new version of Chrome is validated without having to rely exclusively on manual tests.
- Evaluate the use of the Beta channel in pre-production environments, thus anticipating the detection of incompatibilities before they reach end users.
In the case of Spain and the rest of Europe, where Chrome is also the dominant browser in homes and businesses.These adjustments may influence how public administrations and large corporations manage their equipment fleets. The balance between maximum security and operational stability will remain the major dilemma for technology managers.
With this calendar redesign, Google is trying to minimize the attackers' time advantage, deliver patches and features more quickly, and at the same time maintain some leeway for those who need more controlled environments. This move fits with a reality in which the browser has become the gateway to almost everything, from online banking to work applications, and in which Keeping Chrome up to date every two weeks will practically be part of the basic maintenance of any connected device..
