June 26, 2026
Chrome Update: What NJ Small Businesses Should Do
June 26, 2026
Chrome just released version 149.0.7827.197, which includes 18 bug fixes. Not all of them were security issues, but some were. Earlier in June, Google pushed a release with 33 security fixes. That's a lot of patching in a short window, and if you're running Chrome across a handful of workstations, phones, and tablets, there's a real chance some of those devices are still running the older version right now.
Most business owners I talk to assume Chrome updates itself. It usually does, but only if the browser is actually closed and reopened. If your staff leaves Chrome running for days at a stretch, which happens constantly, the update sits there waiting. The browser shows a little colored arrow in the corner that almost nobody clicks.
A lot of the patching conversation in small businesses centers on Windows Update. That's fair, Windows vulnerabilities get the headlines. But Chrome is the front door to almost everything your team does. Your accounting software, your CRM, your Microsoft 365 apps in the browser, your banking portal. All of it runs through Chrome for most users.
When there's an unpatched security bug in Chrome, an attacker doesn't need to break through your firewall. They just need one of your employees to visit a compromised website or click the wrong link. That's not a theoretical risk. It's the kind of thing that shows up in incident reports every week.
The June release alone had 33 CVEs. A CVE is a catalogued security vulnerability with a public ID number. Once those are public, attackers know exactly what to target on unpatched machines. The window between disclosure and active exploitation keeps getting shorter.
Here's where it gets messier for small businesses. Chrome isn't just on your office computers. It's on your employees' personal phones if they check work email on them. It's on company-issued tablets. It's on any Mac or Linux machine in your environment. Each one of those is a separate update to manage.
If you're a 20-person company with a mix of Windows laptops, a couple of Macs, and people checking Outlook on Android, you could easily have 40 or 50 Chrome installs that need attention. Managing that manually is unrealistic.
This is exactly the kind of thing that falls through the cracks without a real patch management process. Someone updates their home laptop. Nobody updates the tablet in the conference room that gets used for video calls. That device sits unpatched for months.
For Windows environments, you can push Chrome updates centrally using Intune or a dedicated patch management tool. We use tools that let us see every device, what version of Chrome is running, and push updates without waiting for a user to remember. If you're already in Microsoft 365 Business Premium, you have access to Intune and it's worth using it for more than just device enrollment.
For company-owned phones and tablets, mobile device management handles this. You can force Chrome to stay updated the same way you manage app updates on managed devices generally.
For personal devices accessing company resources, this is where it gets into policy territory. At minimum, you should have a written acceptable use policy that requires employees to keep browsers updated. Some organizations enforce this through conditional access in Microsoft Entra, which can block a device from reaching company apps if it doesn't meet a minimum security standard.
If none of that infrastructure exists yet, the short-term answer is simple. Tell your team to close Chrome completely and reopen it. That forces the pending update to apply. Takes 10 seconds. Do it today.
Patch management isn't just a Windows conversation anymore. Your browsers, your PDF readers, your Zoom client, all of it needs to stay current. The businesses that get hit aren't usually missing some exotic security tool. They're missing the basics, applied consistently, across every device.
If you want help building a patching process that actually covers your whole environment, Exine works with small and mid-size businesses across New Jersey and New York City to get this kind of thing sorted out properly.
