Feeds

Google dispenses first jackpot award to security bug hunter

Elite bug-finder handed $3,133.7(0) reward

Combat fraud and increase customer satisfaction

Google updated its Chrome browser software on Wednesday to address a variety of security bugs, including the first vulnerability to qualify its finder for the recently introduced top-tier of its Chromium Security Reward scheme.

Sergey Glazunov earns an “elite” $3,133.7 award for his bug-finding efforts as well as pocketing the base-line $1,337 reward and other incentives for the discovery of lesser bugs, also resolved by the latest cross-platform browser security update.

Glazunov's major find was a crucial flaw involving a "pointer in speech handling". He also found four "high" risk vulnerabilities variously involving video and anchor handling as well as miscued pointers. In total the 8.0.552.237 release addresses one critical flaw, 13 "high-risk" bugs and two less severe medium-danger vulnerabilities, as detailed in Google's bulletin here. The ad broker paid a total of $14,000 in security awards to various researchers.

Google is withholding details of the respective bugs until users have a reasonable chance to apply security fixes – in case the added details might help the bad guys to develop workable exploits. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.