$26,511 were paid out by Google to researchers who made the search giant aware of some of the 18 Chrome vulnerabilities that were taken care of recently. 11 of the 18 vulnerabilities received the second highest rating on Google’s danger meter, namely “high,” while three were classified as “medium” and another four were pegged as “low.”
The $26,511 were paid out to four researchers, two of which were Sergey Glazunov and “miaubiz” who earned $13,674 and $10,337 respectively. Being regular Chrome vulnerability finders, they account for 57% of all bug payments this year. An amount exceeding $170,000 in bounties has been paid out by Google so far for the year of 2011. Set more than two months ago, the previous bounty amounted to $17,000.
Glazunov and miaubiz retrieved their checks for reporting several bugs that Google then combined into one CVE (Common Vulnerabilities & Exposures) identifier. As usual, Google kept access to the bug tracker database for all the vulnerabilities from the public to block outsiders from obtaining any details on the flaws.
In addition to the above, Google also declared that it updated Chrome to BEAST, an acronym for “Browser Exploit Against SSL/TLS.” This hacking tool which debued last month attacks browsers and decrypts cookies, allowing attackers to attain encrypted website username and password credentials.
About (Author Profile)
Being passionate about software, Armin joined FavBrowser.com in early 2011 and has been actively writing ever since. Having accepted the challenge, he also enjoys watching anime, indulging in good books, staying fit and healthy, and trying new things.