Google pays out $11,500 in bug bounty for Chrome 20
Google has paid out $11,500 in bounty money to security researchers for spotting bugs in the latest stable version of its Chrome web browser, released yesterday. $7,000 goes to a single developer, named "miaubiz", who discovered seven separate bugs, including several problems with the browser's handling of SVG images. A further $4,000 goes to Jüri Aedla, who spotted two integer overflows, one threatening more than just the browser, potentially allowing an attacker to affect the underlying system on 64-bit Linux machines. Meanwhile, Nicholas Gregoire picks up a modest $500 for spotting a "wild read in XSL handling."
"We’d also like to thank Arthur Gerkis, Atte Kettunen of OUSPG and miaubiz for working with us during the development cycle and preventing security regressions from ever reaching the stable channel," writes Chrome developer Dharani Govindan in the announcement post. "Various additional rewards were issued for this awesomeness."
Users running the stable branch of Chrome should receive the update automatically over the next few days. If you can't wait, navigate to the browser's "About" box and click the update button to install it manually.
There are 14 Comments. Load 'Em Up. Show speed reading tips and settings
Shortcuts to mastering the comment thread. Use wisely.
C - Next Comment
X - Mark as Read
R - Reply
Z - Mark Read & Next
Shift + C - Previous
Shift + A - Mark All Read
Comment Settings
Live comment alert: Hide it!
Comments for this post are closed.