Early February, Google launched the Chrome 17 edition. On Wednesday, the search engine giant offered patches for nine vulnerabilities in Chrome 17. It was the sixth security update to Chrome 17, wrote Computerworld reporter Gregg Keizer.
As per Keizer’s report, the latest update was the first since the Chrome security team issued a pair of quick fixes during the “Pwnium” hacking event held March 7-9 at the CanSecWest security conference.
According to the Computerworld report, six of the nine bugs patched were rated high. While one of them was labeled medium, the remaining two were designated as low.
Google has been generously rewarding the bug finders. Consequently, as per the Computerworld report, four researchers were paid $5,500 for reporting five bugs. Keizer wrote that the other four vulnerabilities were detected by the members of Google's own security team and were too minor to be eligible for a bonus.
In fact, three of the four researchers who reported flaws in Chrome 17 have been recently recognized by Google. The report identifies Sergey Glazunov as a recipient of a $2,000 reward for detecting a bug described by Google as “cross-origin violation with magic iframe.” Keizer wrote that Glazunov was one of two winners to receive $60,000 prize at the Pwnium event early this month.
The other two researchers, Arthur Gerkis and miaubiz, received $1,000 and $2,000, respectively, for bugs that Google patched on Wednesday, wrote Keizer. Three weeks ago, reports Computerworld, these two were given special $10,000 bonuses for what Google called “sustained, extraordinary” contributions to its vulnerability reporting program.
The Computerworld report shows that this year Google has paid nearly $200,000 to outside researchers through its bug bounty and Pwnium programs.
However, wrote Keizer, Google will not be patching a Chrome bug revealed at the other hacking event “Pwn2Own,” which also ran at CanSecWest.
The latest update to Chrome 17 can be downloaded for Windows, Mac OS X and Linux from Google's website.
Antivirus software is not enough. Apex Technology Services used its decades of IT and cybersecurity
experience to create budget-friendly network security packages every company needs.
Please take a moment to fill out your information so we can contact you directly regarding your request.
Shabodi, an Application Enablement Platform (AEP) provider unleashing advanced network capabilities in LTE, 5G, 6G, and Wi-Fi 6, announced they have l…
Endpoint protection, also known as endpoint security, is a cybersecurity approach focused on defending computers, mobile devices, servers, and other e…
Databricks is an innovative data analytics platform designed to simplify the process of building big data and artificial intelligence (AI) solutions. …
Blue/green deployment is a software release management strategy that aims to reduce downtime and risk by running two identical production environments…
Lateral movement is a term used in cybersecurity to describe the techniques that cyber attackers use to progressively move through a network in search…