Share

Top 5 Stories

News

Google fixes 19 flaws in Chrome, pays researchers $14,000

02 March 2011

Google has released fixes for 19 bugs in Chrome, doling out $14,000 to researchers for identifying the flaws.

The security update to Chrome 9.0.597.107 fixed 16 flaws rated as “high” – second to “critical” in terms of severity – and 3 flaws rated as “medium.”

The flaws involved several Chrome components, including WebGL, the hardware accelerated 3D graphics API; scalable vector graphics (SVG) rendering and animation; and the browser's address bar.

Google locked its bug tracking database to prevent outsiders from viewing the technical details of the flaws, according to a report by Computerworld. Google blocks public access to flaws to give users time to update.

The security update comes a week before the Pwn2Own hacking contest being held at the CanSecWest security conference in Vancouver. Google is offering to pay $20,000 and provide a CR-48 notebook computer to anyone who can hack into Chrome at the contest.

To ensure that Chrome is hack-proof, Google last month fixed a critical flaw in Chrome involving a “race condition in audio handling” that was uncovered by the gamers of Reddit. That flaw could be exploited to bypass the Chrome sandbox, noted Vupen Security. Google also fixed eight other flaws at that time.

This article is featured in:
Application Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×