|
| 1 | +--- |
| 2 | +title: "A Curious Case of Selenium Manager Usage: What's Behind Chrome 127.0.6533.99?" |
| 3 | +linkTitle: "A Curious Case of Selenium Manager Usage: What's Behind Chrome 127.0.6533.99?" |
| 4 | +date: 2025-09-14 |
| 5 | +tags: ["selenium", "manager", "chrome", "telemetry"] |
| 6 | +categories: ["browsers", "releases", "security", "privacy"] |
| 7 | +author: Boni García ([@boni_gg](https://twitter.com/boni_gg)) |
| 8 | +description: > |
| 9 | + Telemetry from Selenium Manager revealed an unusual pattern: over 28 million users are locked to Chrome version 127.0.6533.99. We explore this anomaly and its possible links to security or privacy. |
| 10 | +--- |
| 11 | + |
| 12 | +Over the past two years, Selenium has included [Selenium Manager](https://www.selenium.dev/documentation/selenium_manager/), a CLI tool (written in Rust) that provides **automatic management of drivers and browsers** across all official language bindings (Java, JavaScript, Python, .NET, and Ruby). Its purpose is to simplify the developer experience: if you create a driver object like this: |
| 13 | + |
| 14 | +```java |
| 15 | +WebDriver driver = new ChromeDriver(); |
| 16 | +``` |
| 17 | + |
| 18 | +Selenium Manager takes care of detecting whether Chrome is installed, downloading the required driver, and even provisioning a copy of [Chrome for Testing (CfT)](https://googlechromelabs.github.io/chrome-for-testing/) if Chrome is not present on the system. This also works for Firefox and Edge, on Windows, Linux, and macOS. |
| 19 | + |
| 20 | +Beyond driver and browser setup, Selenium Manager also implements **telemetry**. Once per day, per user, it sends anonymous usage data to a [public Plausible dashboard](https://plausible.io/manager.selenium.dev). The purpose is to help project maintainers understand how Selenium is being used. While telemetry has generated some debate in the community, the dataset occasionally reveals interesting patterns. |
| 21 | + |
| 22 | +### An Unexpected Browser Version |
| 23 | + |
| 24 | +When reviewing the telemetry recently, one statistic stood out. Most users (71.3%) don't specify a browser version explicitly, which is expected. But surprisingly, **28.7% of daily users — over 28 million unique clients — report running the exact version 127.0.6533.99 of Chrome**. |
| 25 | + |
| 26 | +At first, this looked like a bug. We checked the Selenium repository (a monorepo covering all bindings and Selenium Manager itself) to see if that version was hardcoded somewhere. It wasn't. Which means a huge number of users are explicitly targeting this release. |
| 27 | + |
| 28 | +Looking it up, 127.0.6533.99 corresponds to a Chrome release from August 2024 ([release notes](https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html)). That version patched several vulnerabilities, including the critical **CVE-2024-7532** (although the Chromium issue tracker entry for that CVE is [no longer publicly available](https://issues.chromium.org/issues/350528343)). |
| 29 | + |
| 30 | +### Where Are These Users Coming From? |
| 31 | + |
| 32 | +[Digging further into the telemetry](https://plausible.io/manager.selenium.dev?f=is,props:browser_version,127.0.6533.99), we saw that the majority of these requests come from a few countries: |
| 33 | + |
| 34 | +- Russian Federation (4.7M) |
| 35 | +- Iran (3.2M) |
| 36 | +- Pakistan (1.7M) |
| 37 | +- India (1.6M) |
| 38 | +- Vietnam (1.4M) |
| 39 | +- Ukraine (1M) |
| 40 | +- Belarus (884k) |
| 41 | + |
| 42 | +This raises the question: **why would so many users in these regions be tied to exactly this version of Chrome?** |
| 43 | + |
| 44 | +### Interpreting the Signal |
| 45 | + |
| 46 | +We don't have a definitive answer. Some possibilities include: |
| 47 | + |
| 48 | +- Perhaps 127.0.6533.99 is considered a **"safe" baseline** because it patched critical vulnerabilities. |
| 49 | +- Or conversely, it may be the **last version with an exploitable weakness**, making it useful for malicious automation. |
| 50 | +- It could also be distributed widely in enterprise or academic environments in certain countries, leading to a statistical cluster. |
| 51 | + |
| 52 | +Whatever the reason, it's unusual for a single version to hold such a large share of Chrome usage, especially a version over a year old. |
| 53 | + |
| 54 | +### Why Share This? |
| 55 | + |
| 56 | +At Selenium, we believe in transparency. Telemetry exists not only to help maintainers but also to inform the community. Security researchers, privacy advocates, and automation engineers may all find this anomaly interesting. If you have insights, we'd love to hear from you in the [Selenium Slack channel](https://inviter.co/seleniumhq). |
0 commit comments