Patch Management Group

 View Only

  • 1.  Google Chrome update version

    Posted Nov 04, 2014 08:06 AM

    Needing a specific version of Chrome to put in a patch policy. When I download an older version # of Chrome. I get the latest version of chrome. Is this by design? How do I get the older Chrome update I need?

    Auto updating for chrome is turned off in group policy. And the NOGOOGLEUPDATEING switch is added to the install command line.

    I downloaded a version of Chrome 36

     Bulletin Severity Custom Severity Downloaded Policies Updates Available Packages Applies To Released Revised Description
     CHROME-107 Critical Not Set Yes 1 1 1 10963 8/11/2014 8/11/2014 Chrome 36.0.1985.143

     It shows up in the patch install log as the version I downloaded and put into a policy.

    11/1/2014 4:55 GoogleChromeStandaloneEnterprise3601985143.msi {84C5E13A-DC6A-4356-AD91-2D9A6C271E3B} CHROME-107 Succeeded

    But the actual Chrome msi downloaded to the NS and installed on target machine is version 38.0.2125.111. Not version 36.0.1985.143.

    180px_Chrome-should be 36.jpg



  • 2.  RE: Google Chrome update version

    Posted Nov 04, 2014 08:29 AM

    Google provides single download link to Chrome: http://dl.google.com/chrome/install/GoogleChromeStandaloneEnterprise.msi - and always replaces msi file to its latest version. Earlier policies would use the same dowload link.



  • 3.  RE: Google Chrome update version

    Posted Nov 04, 2014 05:08 PM

    Hello dsmit26jcp,

    As Alex detailed; the download URL provided by the vendor for CHROME-107 targets the download for v38.0.2125.111, and their best practice is to utilize the latest and greatest for install.

    To clarify; it appears the older Bulletins are listed, for the logic is merely if you are on that version, then the reporting will show as vulnerable to the latest. 

    For example; the Windows Compliance by Bulletin report will report only on the latest version, even if you are on v36, and it will display vulnerable to the CHROME-115, but the older versions are left in the Patch Remediation Center as they are remnants of past releases. Any Software Update Policies for these older versions will be updated with the recent packages upon PMImport's run of Revise Software Updates.

    I will review this further with the Data Dev Team and see if there is a purpose for displaying the older Bulletins outside 'archive' purposes, or if we are able to clean them up, but again I feel this is in order, for reporting will merely display the current version if Applicable/Vulnerable and that will be deployed.

    I will follow up to this post as soon as I have any updated info.

    Thank you,

    Joshua

     



  • 4.  RE: Google Chrome update version

    Posted Nov 04, 2014 05:33 PM

    Hello dsmit26jcp,

    I was able to confirm the process is working as designed.

    To clarify:

    • Patch Management Solution relies upon the supported vendor's URL to distribute the Software Update
       
    • The Vendor details that the recent release is the best method to update the software
       
    • Patch Management retains the reference for old Software Updates provided by the vendor to target for Compliance and is available for download in the Patch Remediation Center

    This information has also been publicized in KM: TECH226017. Please let us know if you have any further questions regarding this topic and we will be happy to help.

    Thank you,

    Joshua