Google Chrome Force Update/Patch

New Contributor II

Hi There

I know there have been discussions regards this already, however, none of these seems to be working for us. Having looked at this article with Google it appears that they have changed their code/process as this is no longer working. Also the UpdateDefault key is no longer listed on

My question is, how to force users to have the most up to date version of Chrome? I see Patch Management may work, but this requires pkgs and i am worried it would remove user profiles etc if reinstalled etc.

Any advise best way to force users to update chrome?



Contributor II

I used this one and it worked fine.

Contributor III

I'm still using Hannes Juutilainen's script as a post-install task to activate Chrome's self-updater:

Once all the update pieces are setup using the script above, I discovered you can update Chrome using the following:

/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/ksadmin -i

-i (or --install) is not a documented flag that I can find, but it works in my testing.

New Contributor III

For what it's worth I just pushed Chrome to a large number of systems via the installer package and have had zero complaints regarding lost user settings, plugins, etc. I do have a prompt built using JamfHelper to allow for deferral and notify the user that Chrome will be quitting, giving them a chance to close Chrome first.

New Contributor II

@jkaigler - I tried this but did not seem to work for us, we have various versions out there so maybe it could be not suitable in our environment.

@georgecm12 Thanks, I will get testing on this and see if this works.

@ablend I have been testing pushing a new pkg with the Chrome update via Patch Management and this seems to work as not had anyone complain. Just conscious that if i push globally 1000+ endpoints it will remove peoples profiles. Guess more testing may help.

Frustrating that it seems Google's enterprise help page is outdated....

Contributor III

We use a script, for both firefox and chrome, the chrome one looks like:


# Get current stable build version number of Chrome from the web, do this in a single line to keep it encapsulated
chrome_latest_stable="$(curl | grep "mac,stable" | sed "s/,/ /g" | awk '{print $3}')"

# Get version number on currently installed Chrome app
installed_version="$(/Applications/Google Chrome --version   | grep -iE "[0-9.]{10,20}" | tr -d " <>-:;/,&"=#[a-z][A-Z]")"


install_Chrome() {
  # Create a temporary directory in which to mount the .dmg
  tmp_mount=`/usr/bin/mktemp -d /tmp/chrome.XXXX`

  # Attach the install DMG directly from Google's servers (ensuring HTTPS)
  hdiutil attach "$( eval echo "${DOWNLOAD_URL}" )" -nobrowse -quiet -mountpoint "${tmp_mount}"

  rm -fR "/Applications/Google"

  ditto "${tmp_mount}/Google" "/Applications/Google"

  # Let things settle down
  sleep 1

  # Detach the dmg and remove the temporary mountpoint
  hdiutil detach "${tmp_mount}" && /bin/rm -rf "${tmp_mount}"

  if [ -e "/Applications/Google" ]; then
    echo "******Latest version of Chrome is installed on target Mac.******"

check_Running ()
# To find if the app is running, use:
ps -A | grep "Google" | grep -v "grep" > /tmp/RunningApps.txt

if grep -q "Google" /tmp/RunningApps.txt;
    echo "******Application is currently running on target Mac. Installation of Chrome cannot proceed.******"
    exit 1;
    echo "******Application is not running on target Mac. Proceeding...******"
    exit 0

# If the version installed differs at all from the available version
# then we want to update
case "${installed_version}" in
    echo "****** Chrome version checked OK (${latest_stable}) ******"
    echo "****** Chrome version differs - installed: ${installed_version}, available: ${latest_stable} ******"

exit 0;

Esteemed Contributor III

@dsavageED wrote:

# Get version number on currently installed Chrome app
installed_version="$(/Applications/Google Chrome --version   | grep -iE "[0-9.]{10,20}" | tr -d " <>-:;/,&"=#[a-z][A-Z]")"

Curious why defaults won't work:

$ defaults read /Applications/Google\ CFBundleShortVersionString



New Contributor II

@dsavageED Thanks for the script, I just ran it on a VM which has an old Chrome installed and it ran fine but shows/result is Chrome is up to date but from the Get Info, it is not? Any ideas? See image attached




...worried it would remove user profiles etc if reinstalled etc.

Whichever method you choose, removing and installing the app won't remove the user profiles in any of these methods.


@dsavageED below is the error that we're getting. We've added our proxy before the script run so below is line 26.

# Get version number on currently installed Chrome app
installed_version="$(/Applications/Google Chrome --version   | grep -iE "[0-9.]{10,20}" | tr -d " <>-:;/,&"=#[a-z][A-Z]")"



After doing couple of testing on Mojave devices, the script works as it should. We're hitting the error about with Catalina.

Valued Contributor III

@dsavageED Mind sharing the script you use for Firefox as well? I do like this since it stops the action if the program is opened. However I wish there was a way to make this script happen using Patch Policies and then it prompts the user to quit the app so it can update.

Gabe Shackney
Princeton Public Schools

Gabe Shackney
Princeton Public Schools

New Contributor III

@gshackney Try this: create an empty package in Composer, add the script to downloads/installs the app as a Post-Flight script to the empty package, and now you can use that with patch management policies. Basically the only payload in the package is the post-flight script that makes everything happen.

New Contributor II

@ponyboy When adding the postflight script Composer states it will be ignored as Flat Packages. How do I trigger a postflight script to run when launching the pkg created by Cpmposer?

New Contributor II

We use the Jamf Patch Management option, with pkg's and it doesn't appear to have any impact on settings or user profiles.

New Contributor III

Thanks @dsavageED

I modified your script to use the pkg installer instead as it has the option to upgrade even if the chrome is in use 0103a5dd7e4b42b5967ad27975ddc693

New Contributor III

@xtian - any chance you'd wanna share that script :)


@Maxb Script is not needed unless you need the version info, I just set up a policy to execute the following command:

curl -L -o /tmp/GoogleChrome.pkg && installer -pkg /tmp/GoogleChrome.pkg -target / -verbose

New Contributor II

Hello all, does anyone have knowledge of an option to force chrome update using the terminal? is there a way to have like a softwareupdate -i but for chrome or trig through the terminal the chrome update agent? 

New Contributor III

This seems to work:

sudo /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/ksadmin -P -i

I am still testing...



Hello. since my last post, i have been using this command successfully. i am running it using a script 


It needs to be run as the loggedin user. for best user experience, you also need to manage chrome and push a configuration profil custom application settings with these keys set


here are the links and guide lines for setting them.