Google Pays Out for Security Hacks

The old saying goes: keep your friends close and your enemies closer. Re-apply that as: keep your security close, but the hackers closer. That is what Google has done. Google has given them $14,000 in rewards for discovering critical and high-risk vulnerabilities affecting its Chrome web browser. This process of paying people to discover browser vulnerabilities has been ongoing now for several months.

Google issued patches for 16 documented vulnerabilities. The current Chrome version is 8.0.552.237 and the patches affect this and previous versions. One researcher, Sergey Glazunov, found a critical bug and received over $3100 for the discovery.

Here is a breakdown of the discovered risks.

Medium Risk:

  • [$1000] [67393] Medium Risk: Uninitialized pointer in the browser triggered by rogue extension.
  • [58053] Medium Risk: Browser crash in extensions notification handling.

High Risk:

  • [$1337] [65764] High Risk: Bad pointer handling in node iteration.
  • [66334] High Risk: Crashes when printing multi-page PDFs.
  • [$1000] [66560] High Risk: Stale pointer with CSS + canvas.
  • [$500] [66748] High Risk: Stale pointer with CSS + cursors.
  • [67100] High Risk: Use after free in PDF page handling.
  • [$1000] [67208] High Risk: Stack corruption after PDF out-of-memory condition.
  • [$1000] [67303] High Risk: Bad memory access with mismatched video frame sizes.
  • [$500] [67363] High Risk: Stale pointer with SVG use element.
  • [$1000] [68115] High Risk: Vorbis decoder buffer overflows.
  • [$1000] [68170] High Risk: Buffer overflow in PDF shading.
  • [$1000] [68178] High Risk: Bad cast in anchor handling.
  • [$1000] [68181] High Risk: Bad cast in video handling.
  • [$1000] [68439] High Risk: Stale rendering node after DOM node removal.

Critical Risk:

  • [$3133.7] [68666] Critical: Stale pointer in speech handling.

For all users, the question is, are the vulnerabilities fixed? Google quietly ships updates using the browser’s silent/automatic update mechanism. This keeps updates current without the need for user intervention (or approval).

Source: ZDNet
