Google has posted a fresh round of security updates for its Chrome browser, and issued cash rewards to the researchers who uncovered the flaws. Skip related content
Chrome 8.0.552.237 contains fixes for 16 vulnerabilities, 13 of which are classified as ‘high’ risk, while two are rated ‘medium’ and one is rated ‘critical’.
Discovery of the ‘critical’ issue, a stale pointer vulnerability in the Chrome speech component, was credited to security researcher Sergey Glazunov.
While the exact risks of the flaw were not disclosed, Google said that it was severe enough to make Glazunov the first ever recipient of the company’s ‘elite’ monetary award of $3,113.70 (£1,965).
Many vendors reserve the ‘critical’ rating for vulnerabilities which can be exploited for remote code execution without user notification.
“Critical bugs are harder to come by in Chrome, but Sergey has done it,” Google said in a Chrome Stable Release blog post.
The vulnerabilities will also be included in an update for Chrome OS, and users are advised to install version 8.0.552.334.
Article source: http://uk.news.yahoo.com/16/20110113/ttc-google-hands-out-record-reward-for-c-6315470.html
Category: Vulnerabilities/Exploits