SERIOUS SECURITY PROBLEM: How to prevent Brave from updating in the background?

Good evening,

I didn’t want to create a thread about this, but I’ve done a lot of research and this problem still makes me feel very anxious about the security of using Brave… :dizzy_face: :disappointed_relieved: :disappointed_relieved: :disappointed_relieved:

Description of the issue:

I just want to know how I can disable Brave from auto-updating itself in the background. It’d be fine if Brave was updating itself after I opened the Brave App but it seems dangerous for it to be updating in the background if I’my VPN is turned on for example.

Brave is fully updated because well, it updates itself… :frowning_face: :frowning_face: :frowning_face:Most recent version of Brave.

How is a ‘security problem’ to update Brave, when Chromium/Brave will update with security fixes that can actually cause security problems if not installed?..

Just say you don’t want to upgrade Brave and done, you don’t need to make excuses about ‘security’ when it’s the other way around and it is not an issue here. Seems like your research is not based on reality, whatever you read saying installing updated creates security issues, is just BS, especially with Brave, because it always brings many fixes and features on each update, many which has to do with security and privacy like improvements to the adblocker.

But yes, you can disable Brave from updating.

  1. Block the updater with firewall.
  2. if installed with admin rights, then disable the services or set them to manual (so you can go to about page and manually update Brave) and the, disable the task schedulers entries, just the same as with Edge and Chrome.
  3. If installed without admin rights, just disable the startup entry and the task schedulers.
  4. use the Zipped version from Github, then you will not have an updater and you can manually update the zipped version anytime.


User control of Brave updates is a request that’s come up before - dating back to when Brave was built on Muon. I’ll not comment about whether it’s a security issue, but it’s clearly An Issue. For example, some users have bandwidth limits or data caps or both. Controlling when / where unwanted data usage occurs is important for many users. I can think of many scenarios when users want control over what their computers are doing.

My computers (desktop + laptop + old netbook) are now set up to dual-boot current versions of Linux or an old version (W7) version of Windows (which I still use - offline - with old(er) apps). Uncontrolled updating is NOT a problem in the Linux instances.

When I relied on Windows, I also objected to Brave (and other Chromium-based browsers) automagically updating, specifically on the laptop and netbook because - unlike the desktop - I frequently use the laptop and netbook in situations where on-line connectivity is … tenuous. An untimely update can make any machine useless.

What follows - used improperly - can brick your computer. Proceed with appropriate caution.

What worked for me under Windows - a Microsoft utility:

This utility allows users to edit what automatically runs when booting Windows.

Relevant to your request: editing appropriate Autoruns stops (in this instance) Brave from automagically updating. Repeating: improperly editing Autoruns can brick your computer.

When - in a Windows session - I wanted to update Brave, WITH BRAVE CLOSED, I ran services.msc and changed the status of the relevant Brave-related services from “Disabled” to “Manual”. When I next started Brave, clicking the ‘hamburger’ and selecting “About Brave” activated the update process.

Using the Microsoft utility, I then re-edited the relevant Autoruns. When I next re-booted, Brave once again could only update manually.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.