Google dispenses first jackpot award to security bug hunter
Elite bug-finder handed $3,133.7(0) reward
Customer Success Testimonial: Recovery is Everything
Google updated its Chrome browser software on Wednesday to address a variety of security bugs, including the first vulnerability to qualify its finder for the recently introduced top-tier of its Chromium Security Reward scheme.
Sergey Glazunov earns an “elite” $3,133.7 award for his bug-finding efforts as well as pocketing the base-line $1,337 reward and other incentives for the discovery of lesser bugs, also resolved by the latest cross-platform browser security update.
Glazunov's major find was a crucial flaw involving a "pointer in speech handling". He also found four "high" risk vulnerabilities variously involving video and anchor handling as well as miscued pointers. In total the 8.0.552.237 release addresses one critical flaw, 13 "high-risk" bugs and two less severe medium-danger vulnerabilities, as detailed in Google's bulletin here. The ad broker paid a total of $14,000 in security awards to various researchers.
Google is withholding details of the respective bugs until users have a reasonable chance to apply security fixes – in case the added details might help the bad guys to develop workable exploits. ®
COMMENTS
What was that an hour?
... still it's a step up from Google's usual outsourced development rate of $0.00 per day.
I've found 1000's of bugs in Chrome...
http://www.google.com.au/search?client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&channel=s&hl=en&source=hp&q=bugs&meta=&btnG=Google+Search
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
