The Register® — Biting the hand that feeds IT

Feeds

Google dispenses first jackpot award to security bug hunter

Elite bug-finder handed $3,133.7(0) reward

Customer Success Testimonial: Recovery is Everything

Google updated its Chrome browser software on Wednesday to address a variety of security bugs, including the first vulnerability to qualify its finder for the recently introduced top-tier of its Chromium Security Reward scheme.

Sergey Glazunov earns an “elite” $3,133.7 award for his bug-finding efforts as well as pocketing the base-line $1,337 reward and other incentives for the discovery of lesser bugs, also resolved by the latest cross-platform browser security update.

Glazunov's major find was a crucial flaw involving a "pointer in speech handling". He also found four "high" risk vulnerabilities variously involving video and anchor handling as well as miscued pointers. In total the 8.0.552.237 release addresses one critical flaw, 13 "high-risk" bugs and two less severe medium-danger vulnerabilities, as detailed in Google's bulletin here. The ad broker paid a total of $14,000 in security awards to various researchers.

Google is withholding details of the respective bugs until users have a reasonable chance to apply security fixes – in case the added details might help the bad guys to develop workable exploits. ®

Agentless Backup is Not a Myth

Latest Comments

What was that an hour?

... still it's a step up from Google's usual outsourced development rate of $0.00 per day.

0
0
Anonymous Coward

reading..

Leet = 1337

eleet = 3,133.7

0
0

I've found 1000's of bugs in Chrome...

http://www.google.com.au/search?client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&channel=s&hl=en&source=hp&q=bugs&meta=&btnG=Google+Search

0
0

More from The Register

SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
Bjarne Again: Hallelujah for C++
Plus: Now officially OK to admit you never used STL algorithms
Interwebs taunt Sir Jony over Apple eye candy makeover
Hey Ive, Ive... add more unicorns, willya?
Apple: iOS7 dayglo Barbie makeover is UNFINISHED - report
Plus: You don't like the icons? Blame marketing
Red Hat to ditch MySQL for MariaDB in RHEL 7
So long, Oracle! Don't let the door hit you on the way out
Shy? Socially inadequate? Fiddling with your phone could help
App 'tells the brutal truth' about social inadequates' chatup lines
Java EE 7 melds HTML5 with enterprise apps
New release arrives with GlassFish, NetBeans support
 breaking news
'Office Facebook' firm Tibbr wants you to PAY for mobe-meetings app
Great idea. Punters won't cough for it though
 breaking news
The only Waze is Google: Ad giant tipped to gobble map app 'for $1.3bn'
Pac-Man-satnav-ish upstart in bidding war with Apple, Facebook
 breaking news
PM Cameron calls for modern, programmable computers! (We think)
IT education musings to G8 chiefs to mystify IT industry