The five vulnerabilities plugged in the Chrome 18 update include three high-risk “use-after-free” flaws and two medium-risk flaws – IPC validation failure and race condition in sandbox IPC.
Google only handed out one bug bounty, for $1,000, to “miaubiz”. Other researchers acknowledged (but not paid) by Google include “wushi of team509”, Pinkie Pie, and Willem Pinckaers.
“This round of patches in Chrome is one of the rare occasions when the company didn't have to pay out much in the way of rewards to researchers who reported vulnerabilities”, commented Dennis Fisher, editor of Kaspersky Lab’s Threatpost.
Google said that the high-risk vulnerabilities were detected using AddressSanitizer.
At the end of last month, Google shipped Chrome 18 with nine security fixes. Three of the fixed holes were high risk, five were medium risk, and one was low risk. The high-risk flaws included off-by-one in OpenType Sanitizer, user-after-free in SVG clipping, and memory corruption in Skia.
For Chrome 18, Google doled out $4,000 in bug bounties, as well as additional $8,000 to researchers for working with the company during the development cycle and preventing security regressions from reaching the stable channel.