You might think Microsoft would be the one handing out awards to those who report security vulnerabilities in Windows, but yesterday it was Google that paid $5,000 to a pair who found one such problem.
Along with the release of the final, stable version of Chrome 22, Google announced that it's paying the bug bounty to Eetu Luodemaa and Joni Vahamaki of Documill for finding a memory corruption issue in Windows.
The award is part of a revised Chrome bug bounty policy in which Google pays for more than just Chrome bugs. "Occasionally, we issue special rewards for bugs outside of Chrome, particularly where the bug is very severe and/or we are able to partially work around the issue," said Chrome team member Jason Kersey in a blog post.
Google also paid hall-of-famer Sergey Glazunov an unusually lucrative $10,000 bounty for a high-risk universal cross-site scripting (UXSS) vulnerability in Chrome. It was part of $29,500 total paid out for vulnerabilities fixed in Chrome 22.
The new browser also adds support for the ... [Read more]
via CNET http://feedproxy.google.com/~r/cnet/NnTv/~3/LB_EirUYAPE/
No comments:
Post a Comment