Google has paid out $11,500 in bounty money to security researchers for spotting bugs in the latest stable version of its Chrome web browser, released yesterday. $7,000 goes to a single developer, named "miaubiz", who discovered seven separate bugs, including several problems with the browser's handling of SVG images. A further $4,000 goes to Jüri Aedla, who spotted two integer overflows, one threatening more than just the browser, potentially allowing an attacker to affect the underlying system on 64-bit Linux machines. Meanwhile, Nicholas Gregoire picks up a modest $500 for spotting a "wild read in XSL handling."
"We’d also like to thank Arthur Gerkis, Atte Kettunen of OUSPG and miaubiz for working with us during the development...
Continue reading…
No comments:
Post a Comment