Windows - Software - Disable Google Chrome Updates

What the Chrome Update Disabler does

This Automox Worklet™ disables Google Chrome's built-in automatic update mechanism on Windows endpoints by modifying the browser's Group Policy registry settings. The Worklet configures the registry key at HKLM:\SOFTWARE\Policies\Google\Update with the appropriate value to prevent Chrome from checking for or installing updates through its native update process.

The Worklet supports four configuration modes through the $chromeUpdatePreference variable: fully disabled (0), fully enabled (1), manual updates only (2), or automatic updates only (3). By default, the Worklet sets the value to 0, completely disabling Chrome's update functionality. Chrome updates delivered through the Automox third-party software catalog remain fully functional and unaffected by this configuration.

The Worklet examines registry keys including HKLM:\SOFTWARE\Policies\Google\Update.

The Worklet uses PowerShell to check the current registry configuration during evaluation and creates or modifies the necessary registry keys during remediation. If the registry key path does not exist, the Worklet creates the entire path structure automatically.

Why disable Chrome's automatic updates

Uncontrolled browser updates disrupt business operations when new Chrome versions break internal web applications. Chrome updates itself frequently without warning, sometimes introducing compatibility issues with third-party tools or custom web applications your organization relies on. When Chrome updates outside your control, users experience application failures that generate urgent support tickets and interrupt workflows.

Managing Chrome updates through Automox provides audit trails, scheduling control, and rollback capabilities that Chrome's native update process lacks. You can coordinate Chrome updates with application release cycles, avoiding situations where a browser update disrupts business-critical workflows. This approach also prevents bandwidth consumption from Chrome downloading updates during peak business hours.

For organizations subject to change management requirements or compliance frameworks, disabling automatic updates helps maintain documentation of software changes. You can schedule Chrome updates through Automox policies that align with your maintenance windows and approval processes.

How Chrome update control works

1. Evaluation phase: The Worklet uses the Test-Registry function to check whether the Update{8A69D345-D564-463C-AFF1-A69D9E530F96} registry property exists at HKLM:\SOFTWARE\Policies\Google\Update and whether its value matches the desired $chromeUpdatePreference setting (default 0). If the configuration matches, the Worklet exits with code 0. If the registry value differs from the desired setting or does not exist, the Worklet proceeds to remediation.

2. Remediation phase: The Worklet calls the Set-RegistryProperty function to create or modify the Chrome update policy registry key. The function first checks whether the registry path exists and creates it if necessary. It then creates the Update{8A69D345-D564-463C-AFF1-A69D9E530F96} property with the specified value, or updates the existing property if it already exists. The Worklet outputs the configured setting (DISABLED, ENABLED, MANUAL, or AUTOMATIC ONLY) to confirm completion.

Chrome update configuration requirements

• Windows operating system (compatible with workstations and servers)

• Google Chrome installed on the endpoint

• Administrative privileges to modify HKEY_LOCAL_MACHINE registry keys

• PowerShell execution context with access to registry cmdlets

• Optional: modify the $chromeUpdatePreference variable (line 42) to change update behavior from the default disabled setting

Expected Chrome update behavior after remediation

After the Worklet runs successfully, Chrome's automatic update mechanism stops checking for new versions. Users see the update menu option in Chrome disabled or removed, depending on the configuration mode selected. Chrome no longer downloads or installs updates through its native GoogleUpdate service. You can verify the configuration by navigating to chrome://settings/help in the browser, which displays a message indicating that updates are managed by your organization. The registry value persists across Chrome restarts and Windows reboots, maintaining centralized update control until modified by another policy.

You can verify the configuration by navigating to chrome://settings/help in the browser. The page displays a message indicating that updates are managed by your organization. The registry value persists across Chrome restarts and Windows reboots until modified by another policy or Worklet. Chrome updates deployed through Automox's third-party catalog continue to install normally, giving you full control over update timing and testing.

How to validate disable google chrome updates changes

1. Run this Worklet on a pilot Windows endpoint and review evaluation output for disable google chrome updates.

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as Test-Registry, Test-Path, Get-ItemProperty.

4. Validate remediation effects from script operations such as Set-RegistryProperty, Add-Prop, Test-Path, then rerun evaluation for compliance.