# What’s New in Chrome 135 and Why You Should Update Now

Google has just released **Chrome 135**, and while the update may look small at first glance, it comes packed with several **key improvements** in performance, security, and developer tools. Let’s take a closer look at what’s new and why updating is more important than ever.

## New Features in Chrome 135

### **Native CSS Carousels (Scroll-Driven Animations)**

Chrome 135 introduces a new CSS feature that lets developers build **carousels and scrollable UI elements** using native browser support, **without JavaScript**. With pseudo-elements like `::scroll-button()` and `::scroll-marker()`, you can now style scrollbars and control the scroll experience much more easily.

**Why it matters:**\
This makes carousels lighter, faster, and more accessible. Better performance, less code.

### **New `command` and `commandfor` Attributes**

HTML `<button>` elements now support `command` and `commandfor` attributes, allowing for **cleaner declarative UI** without heavy JavaScript. These attributes enhance **keyboard accessibility** and simplify the process of wiring up menu actions.

**Why it matters:**\
Improves accessibility and reduces the amount of custom JS code for interactive elements.

### **CSS `shape()` Function**

The new `shape()` function for `clip-path` and `offset-path` allows you to define complex custom shapes directly in CSS, opening the door for **more creative and flexible layouts**.

**Why it matters:**\
More design freedom for developers and better visual effects without relying on images or SVGs.

### **HSTS Tracking Protection**

Chrome 135 introduces a fix to prevent the misuse of **HTTP Strict Transport Security (HSTS)** for user tracking. This enhances user privacy by **blocking fingerprinting attempts** that rely on HSTS-based mechanisms.

**Why it matters:**\
More privacy. Less tracking. A safer browsing experience for everyone.

### **Security Fixes**

This release addresses **14 security vulnerabilities**, including high-severity issues that could allow attackers to execute malicious code or steal sensitive data.

**Why it matters:**\
Outdated browsers are often the easiest target for attackers. Updating closes these doors immediately.

### How to Update

Most Chrome browsers update automatically, but you can also **force an update manually or use a centralized tool** like **Easy2Patch** for enterprise environments:

#### **Manual Update (For Individual Users):**

1. Open Chrome and go to **Settings > About Chrome**
2. Chrome will automatically check for updates
3. If an update is available, it will be downloaded
4. **Restart your browser** to apply the update

#### **Easy2Patch (For IT Administrators):**

If you're managing updates across multiple devices in an organization, **Easy2Patch** allows you to:

* Automatically deploy **Chrome updates** (and other third-party apps)
* Schedule update rollouts
* Ensure compliance and minimize security risks

> Easy2Patch integrates with Microsoft Intune and SCCM to streamline third-party software patching, including Google Chrome.

🔗 [Learn more about Easy2Patch](https://www.easy2patch.com)