Chrome 143.0.7499.169/.170 is out. Here’s what to do with it.
I’ve watched “routine” Chrome updates break one line-of-business extension and ruin a Monday morning. Chrome 143.0.7499.169 (and .170 on some platforms) shipped to the Stable channel on December 18, 2025, and Google says it will roll out over the coming days and weeks.
Release at a glance (versions, platforms, timing)
Keep the version math straight first, or you will chase ghosts in your fleet dashboard. Windows and macOS get 143.0.7499.169/.170, Linux gets 143.0.7499.169, and that mismatch alone triggers “why don’t our Macs match Linux” threads in Slack.
- Windows: 143.0.7499.169 or 143.0.7499.170 (Stable)
- macOS: 143.0.7499.169 or 143.0.7499.170 (Stable)
- Linux: 143.0.7499.169 (Stable)
What actually changed (because the blog post stays high-level)
Here’s the thing. The official announcement does not spell out a tidy list of fixes, it points you to the Chromium commit log instead.
I pulled a few concrete examples from the linked log so you can quickly judge whether this touches areas you care about (omnibox crashes, profile rolls, PKI metadata). Ignore the GitHub style “commit volume” bragging. It tells you nothing about risk.
- Omnibox crash fixes (AIM Variant 3): The log shows cherry-picks for crashes and misbehavior in the location bar UI. If your helpdesk tickets include “Chrome dies when I type,” this is the kind of needle you look for.
- Profile and build data rolls: The log includes rolls like Linux PGO profile updates. These can help performance in some cases, but they also mean “new build inputs,” which I treat as mildly higher rollout risk than a pure one-line fix.
- PKI/Certificate Transparency metadata updates: The log includes automatic CT-related updates. Most users never notice, but security teams sometimes do when cert validation behavior shifts at the edges.
If you need the full list of commits, use the “Log” linked from the official release post. Skim it for the subsystems you own, then decide rollout speed.
Should you upgrade immediately or stage it?
Depends. Some folks slam Stable updates everywhere the moment they appear. I do not, not for managed fleets, because the blast radius hurts and the upside often looks boring on day one.
For a personal laptop, just update and move on with your life. For an enterprise fleet, I’d stage it unless you have a clear reason to rush.
- Upgrade fast: Kiosks, shared lab machines, and endpoints exposed to the internet all day, especially if you cannot control what users browse.
- Stage it: Finance, call centers, clinical workstations, and any group that depends on one brittle extension or one ancient intranet app.
- Wait a beat: If your org runs heavy Chrome policy, custom extensions, and you cannot roll back quickly, give yourself 48 hours of canary signal first.
How I roll this out (the practical checklist)
Small first. Big later.
I usually start with a canary ring of about 5 percent of machines, then I watch for ugly signals: crash spikes, SSO weirdness, printing failures, and “my camera stopped working” tickets. If nothing burns for a day or two, I widen the ring.
- Canary: Update a small, diverse group (power users plus one weird legacy machine) and keep it there for 24 to 48 hours.
- Smoke tests: Log in to your SSO portal, open the core web app, test PDF print, join a WebRTC call, and confirm your top extension still loads.
- Metrics to watch: Helpdesk volume, browser crash rate, extension error reports, and auth failures. Your monitoring will vary, but pick something before you click “rollout.”
How to update and verify the installed version
Most of the time, Chrome updates itself in the background and only needs a restart. In managed environments, your policies and tooling decide when that restart happens, so plan for that friction.
- End users: Open Chrome, go to chrome://settings/help, let it check for updates, then restart the browser.
- Admins: Use your normal software deployment path (MDM, GPO, your endpoint manager), then spot-check a handful of devices per OS.
- Version check: Confirm you see 143.0.7499.169 or 143.0.7499.170 on Windows/macOS, and 143.0.7499.169 on Linux.
Known issues
The official post does not list any known issues for this release. I do not fully trust “known issues: none” from any project, so keep your canary ring alive long enough to catch the awkward stuff.
Official notes
Read the announcement and follow the links to the commit log here: http://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_18.html
Other stuff in this release: profile rolls, version bumps, some fixes in the log, the usual. There’s probably a better way to predict which Chrome maintenance update will bite you, but I haven’t found it yet.
Update and verify commands (every platform)
Chrome usually updates itself, but managed environments need explicit commands. Here’s the full set.
# Check current Chrome version from command line
# macOS:
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --version
# Expected: Google Chrome 143.0.7499.169 (or .170)
# Linux:
google-chrome --version
# or: google-chrome-stable --version
# Windows (PowerShell):
(Get-Item "C:\Program Files\Google\Chrome\Application\chrome.exe").VersionInfo.FileVersion# Force Chrome update check via command line
# macOS/Linux — open the update URL directly:
google-chrome chrome://settings/help
# Enterprise: check Chrome version across fleet with GCPW/CBCM
# Using Chrome Browser Cloud Management API:
curl -H "Authorization: Bearer $TOKEN" \
"https://www.googleapis.com/admin/directory/v1/customer/my_customer/devices/chromebrowsers?projection=BASIC" \
| jq '.browsers[] | {deviceName: .deviceName, version: .lastPolicyFetchTime}'Verifying the security fixes
The commit log mentions omnibox crash fixes and PKI metadata updates. Here’s how to check the relevant areas work correctly after updating:
# Quick smoke test script (works on macOS/Linux)
# Run after Chrome updates to verify key functionality
echo "=== Chrome Update Verification ==="
# 1. Check version
VERSION=$(google-chrome --version 2>/dev/null || echo "not found")
echo "Chrome version: $VERSION"
# 2. Check that Chrome's certificate store is fresh
# Navigate to a CT-enforced site and verify no errors:
# chrome://certificate-manager (new in recent Chrome)
# Or check from CLI with openssl:
echo | openssl s_client -connect google.com:443 2>/dev/null | openssl x509 -noout -dates
echo "SSL verification: OK"
# 3. Check extension compatibility
# List installed extensions (macOS):
ls ~/Library/Application\ Support/Google/Chrome/Default/Extensions/ | head -5
echo "Extensions directory accessible: OK"For enterprise admins, the Chrome for Enterprise download page has MSI/PKG installers for managed deployment. Track Chrome’s full release history and compare versions on the Chrome releases hub, or scan your browser stack with the Stack Health Scorecard.
Chrome Update References
- Chrome Platform Status roadmap – track feature launches, deprecations, and the shipping timeline for each Chrome milestone.
- Chrome 143 beta announcement – developer-facing summary of the APIs, CSS features, and origin trials introduced in the 143 branch.
If you’re affected by cookie changes, see our third-party cookie deprecation guide.
Related Reading
🛠️ Try These Free Tools
Paste your dependency file to check for end-of-life packages.
Plan your upgrade path with breaking change warnings and step-by-step guidance.
Compare EKS, GKE, and AKS monthly costs side by side.
Track These Releases