According to Menlo Security, Google Chrome users don’t always take time to relaunch browser updates, and some legacy applications don’t support new versions of Chrome.
Menlo Labs discovered that there are 49 different versions of Chrome being used by their customers as of November 17. Nearly two-thirds (61 percent) are running the latest build (.86) while just over a quarter (28 percent) are running one version prior (.85). Out of the customers running .86, a staggering 83 percent are running versions of Chrome that are vulnerable (<Chrome/86.0.4240.198). According to Menlo Labs, if these customers were using legacy-based detection approaches, these active zero days would have been a risk for them.