Google pays record bounty for Chrome bug

Patches 16 browser bugs, including one that earns researcher $3,133

Google patched 16 vulnerabilities in Chrome on Thursday, paying one researcher a record $3,133 for reporting a single bug. The flaws fixed in Chrome 8.0.552.334 were in several components, including the browser's support for extensions, its built-in PDF viewer, and CSS (cascade style sheet) processing.

Thirteen of the bugs were labeled as "high" threats, Google's second-most-serious rating, and two were pegged "medium." Only one was tagged as "critical."

As it always does, Google locked its bug tracking database to bar outsiders from reading the technical details of the just-patched vulnerabilities. The company usually opens access to a flaw later -- sometimes within weeks, often only after months -- to give users time to update before the information goes public.

Researcher Sergey Glazunov was credited with reporting the single critical vulnerability, described by Google as a "stale pointer in speech handling." A "stale pointer" is a bug in an application's memory allocation code.

Glazunov was the first researcher to take home Google's biggest bounty.

"We're delighted to offer our first 'elite' $3133.7 Chromium Security Reward to Sergey Glazunov," said Jason Kersey, a Chrome program manager, in a post to Chrome release blog .

Last July, Google raised its top dollar payout from $1,337 to $3,133, making the move less than a week after rival Mozilla boosted Firefox bug bounties to $3,000.

Wednesday was also the first time that Google has classified a bug as critical since the debut of the higher bounty; only critical vulnerabilities are eligible for the $3,133 reward.

Altogether, Google paid Glazunov $7,470 for reporting five of the 16 flaws. Google cut checks totaling more than $14,000 to Glazunov and others for their work.

Yesterday's patch collection was the third since Google updated the stable edition of Chrome to version 8 in early December.

According to the newest statistics from Internet metrics company Net Applications, Chrome accounted for a record 10% usage share last month.

Chrome 8 can be downloaded for Windows, Mac OS X and Linux from Google's Web site. Users already running the browser will be updated automatically.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer , or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@ix.netcom.com .

Read more about browsers in Computerworld's Browsers Topic Center.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitybrowsersGooglesoftwareapplicationsmozillacssMalware and Vulnerabilities

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Computerworld (US)
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?