Intel and AMD are rolling out updates to help mitigate the impact of the recently disclosed Spectre and Meltdown vulnerabilities. Microsoft is rolling out security updates for Windows. Linux distributions are rolling out updates. Apple has updates for iOS and macOS, and Google has updates for Android and Chrome OS.

But those last few may not reach everyone. Google may be adding new security measures to Android to help protect phones with affected processors, but it’s up to phone makers to actually release those updates to users… and some phone makers have an awful track record with software updates.

You’d think Chromebooks would be different, since Google is responsible for all Chrome OS software updates no matter what company manufacturers your Chromebook or Chromebox. But Google only promises 5 years of updates, starting the day a laptop is released. That means if you have an older Chromebook, like the Samsung Series 5 Chromebook or the Acer C7 Chromebook, you’re out of luck.

That shouldn’t be a big surprise. It’s not just the Spectre and Meltdown updates that you don’t get if you’re using a Chromebook that was released a long time ago. You don’t get any updates, which means you’re already probably missing out on the latest Chrome OS features and bug fixes.

Of course, the core feature of Chrome OS is the Chrome web browser, and most things you can do in Chrome 63 (the latest version), you can also do in Chrome 60 or 59, or what have you. So a Chromebook that has reached end-of-life status is still perfectly usable for a period of time.

But if you have one that’s not getting Spectre and Meltdown patches, now might be a good time to think of retiring it, since those vulnerabilities could allow  malware to steal private data from your computer.

Google has a list of the status of its Meltdown updates for all Chromebooks and Chromeboxes. Anything marked “EoL” for “end of life” has not been updated and will not be updated.

Or just check this list to see if your Chrome OS device has reached EoL:

  • Samsung Chromebook 5
  • Samsung Chromebook Series 5 550
  • CR-48
  • Acer C7 Chromebook
  • Acer AC700 Chromebook

There are also some devices that haven’t been updated yet, but which will receive security updates in an upcoming release, including the Acer Chromebase 24, Toshiba Chromebook 2 (2015), and Dell Chromebook 13 7310, among others.

Google’s chart also shows that all existing Chromebooks with ARM-based processors show a “not needed” status for Meltdown mitigations.

via Chrome Unboxed

Support Liliputing

Liliputing's primary sources of revenue are advertising and affiliate links (if you click the "Shop" button at the top of the page and buy something on Amazon, for example, we'll get a small commission).

But there are several ways you can support the site directly even if you're using an ad blocker* and hate online shopping.

Contribute to our Patreon campaign

or...

Contribute via PayPal

* If you are using an ad blocker like uBlock Origin and seeing a pop-up message at the bottom of the screen, we have a guide that may help you disable it.

Subscribe to Liliputing via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 9,547 other subscribers

14 replies on “Some older Chromebooks won’t receive Meltdown & Spectre security patches”

  1. My 2012 Samsung Chromebook already has Chrome OS 63 and the Exynos ARM based processor is immune to Meltdown.

  2. My mother’s Intel Celeron E1500-powered PC still get latest updates for Ubuntu 14.04 LTS, though it almost decade years old. When 14.04 will be dropped from support I will instal 16.04, and I almost sure, it will run.
    So, I cannot understand, why Scroodge can’t push updates to 5-years old PCs. There are no physical limitations at all.

  3. “But Google only provides 5 years of updates, starting the day a laptop is released.”

    Not strictly true – that is the guaranteed update period but, so far at least, most have receveived updates beyond five years.

    1. Yeah right. I’m sure if I was in the business of making money from hardware, I’m going to do everything I can to extend the life of those 5 year old devices. Not. What exactly is “most” anyways? Choice by darts? Or is this message “brought to you by Google”. As a consumer you’re going to trust your web reliant Chromebook when it stops getting updates and on top of that you’re going to guess whether the Chromebook you bought today is 5,4, or even 3 years of usefulness left in it?

      1. Chromebooks offer pathetic support compared to windows which is supported for what 10 years or more…sure windows has drawbacks but support wise they are great. when you actually look around chromebooks are not even that inexpensive and are often using outdated specs: Arm processors from years ago, no IPS screens etc.

  4. Wait. Each Chromebook model has a specialized version of ChromeOS even on x86 platforms and each only has 5 years of updates? It’s not universal like Linux and Windows.

    That’s reason enough to stay away from Chromebooks.

    1. It’s unfortunate that Google is bringing artificial obsolescence of the smartphone world to the desktop. For pretty much standard x86 notebooks, I’d have expected Google to be able to at least match Microsoft and standard Linux distros in terms of writing portable code. I guess I was wrong.

  5. I never clued into the 5 year expiration date on Chromebooks until you pointed it out. I have an Asus 1201n that runs Windows 7 and yes, I can still use it. Big time pet peeve of mine. Can you imagine the hardware being EoL for an OS like Chrome? I mean that’s comical. Imagine not being competent enough to create or update software so it can run for more than 5 years. You would have to be doing it intentionally. If I could ensure and control the turnover on a product I sell? Well that’s just too damn tempting. We can say Microsoft was/is stupid for their OS longevity (hardware) or we can call this a bunch of shit that we must put up with because, well, greed. Microsoft has already proven that old hardware can run software. Companies shouldn’t be able to accidentally on purpose kill of their products. Zero incentive especially if they all start doing it, which they certainly have. This is the one thing about tech that I despise. Most things I can tolerate but some imaginary EoL date is completely intentional.

    1. Oh weird, I could have sworn it said EoL before… but I probably read the chart wrong. My brain’s a little fried after CES week. 🙂

      1. No, I saw the same thing this morning … I wondered about it. Seemed surprising.

Comments are closed.