The risk of the "potential danger" of someone cracking into Chrome's update mechanism and pushing out a rogue update, is exponentially over-weighed by forcing client endpoints to always have the latest security patches
Chrome is the most used browser by some way among private individuals. If anyone cracked its auto-update mechanism, every one of those users could be subject to having their private data uploaded without even knowing it, resulting in the usual problems like fraud and identity theft, and/or encrypted and held for ransom, or just deleted.
The actual cost would depend on how fast Google identified the problem and recovered. Obviously if they found it within a few minutes and shut down the system that would reduce the damage considerably from what it could be. Still, keep in mind that recovering from any breach in this particular software would surely mean at least a major and ongoing PR campaign, as anyone who cracked the auto-update mechanism would disable such channels the moment their malware was installed. It seems possible that the resultant damage not just to the economy from direct fraud but to individual quality of life, consumer confidence, and so on could take a long time to recover, not to mention severely damaging or even bringing down Google as a business.
And all because they didn't want users to get a simple message saying an update was available and inviting them to download it with the usual security precautions, as Firefox or IE would?
It is far, far, far better for the security of the web as a whole to ensure browsers always have the latest security updates.
Of course having timely security updates is better, but as Firefox and IE demonstrate, you don't need to play games that circumvent basic security practices to achieve this.
Finally, Chrome *DOES* provide a way for administrators to lock down to specific Chrome versions, so your post doesn't even have a leg to stand on.
I wasn't advocating not updating, only not updating without any confirmation and bypassing normal security checks, so this is a straw man.
Moreover, if I asked 100 randomly chosen Chrome users how to do this, I imagine fewer than 10 of them would even realise it was possible, so it's not even a good straw man...