$26,511 were paid out by Google to researchers who made the search giant aware of some of the 18 Chrome vulnerabilities that were taken care of recently. 11 of the 18 vulnerabilities received the second highest rating on Google’s danger meter, namely “high,” while three were classified as “medium” and another four were pegged as “low.”
The $26,511 were paid out to four researchers, two of which were Sergey Glazunov and “miaubiz” who earned $13,674 and $10,337 respectively. Being regular Chrome vulnerability finders, they account for 57% of all bug payments this year. An amount exceeding $170,000 in bounties has been paid out by Google so far for the year of 2011. Set more than two months ago, the previous bounty amounted to $17,000.
Joe Barton, a Texas Republican, voiced his discontent about the browser at a public hearing this week, while Ed Markey, a Massachusetts Democrat, urged Amazon CEO Jeff Bezos for more clarity regarding the data collected from Silk users. The reason for the outrage had to do with how everything a user did in Silk, Amazon would know about. This isn’t the first time that Silk has caused privacy concerns to arise either.
Markey went into a bit more detail in a letter addressed to Amazon, stating that Silk is the only browser available for Silk and that Amazon could essentially keep track of each and every click its customers make. This includes knowing where people shop, what products they buy, when they buy them, and how much they pay.
Mozilla said it will begin to send Firefox 3.6 users an offer that urges them to get on the rapid release train.
It would be the first time it has offered what it calls an “advertised update” or a “major update” to people still running 2010′s Firefox 3.6.
A Russian web site that loads for mobile users only and looks similar to the Opera.com home page now offers a piece of malware, disguised as OperaMini.jar
Upon visit, a user is notified about the new update that should be downloaded, which, when installed, will start sending text messages to premium numbers.
ScriptScan ships with McAfee’s VirusScan antivirus program. It’s designed to keep Web surfers safe by scanning for any malicious scripting code that might be running in the browser. According to Mozilla, however, it has an unintended side effect: It can cause Firefox to crash…a lot.
Mozilla said that the extension “causes a high volume of crashes,” and is “strongly encouraging” users to disable the software. The warning applies to all users of version 14.4.0 and below of the plugin.
A year after it pulled the plug on silent updates in Firefox 4, Mozilla said it will debut most of the behind-the-scenes feature by early next year. Assuming Mozilla pulls off silent upgrading this time around, it would make Firefox only the second browser to take that route. Google’s Chrome has been the poster boy for automatic updates that remove the user from the equation and can’t be switched off.
Remember how Microsoft Security Essentials “mistakenly” classified Google Chrome as malware? Well, Google released new versions of Chrome for both the “stable” and “beta” channels to fix the Microsoft mess.
Although Microsoft released an antivirus definition file within hours of the Friday fiasco, scores of Chrome users reported that they were unable to reinstall the browser or that if they had, they had lost their browser bookmarks.
- Internet Explorer 9 on Windows 7 Passes 30% Share in the US
- CSS3 text-shadow in IE10
- IE9 Mobile Developer Overview
- Double Trojan infects IE, Firefox in one swoop
- Firefox devs mull dumping Java to stop BEAST attacks
- Top 9 Firefox fixes
- Firefox 3.6.23 security update now available
- Google’s Chrome browser: Coming soon to Android?
- Google Chrome Stable and Beta Channel Updates
- Google Chrome Dev Channel Update
- Opera: Amazon’s Silk Browser is Flattering, But Five Years Late
- Opera: A shining new [bookmark] star
- HTML5 Template Generators, Frameworks And Tools
[Thanks, Ichan, RamaSubbu SK, Shane Bundy]