It seems that Google is very keen to squish bugs in its Chrome browser; so much so in fact that, according to Infoworld, it has paid one researcher $3,133.7 for finding a single bug. Researcher Sergey Glazunov discovered a flaw related to "stale pointer in speech handling." This apparently affects the code in the application which handles allocation of RAM. Google's Chrome programming manager, Jason Kersey, had this to say:
"We’re delighted to offer our first “elite” $3,133 Chromium Security Reward to Sergey Glazunov. Critical bugs are harder to come by in Chrome, but Sergey has done it. Sergey also collects a $1337 reward and several other rewards at the same time, so congratulations Sergey!"
This is the first time that a critical bug has been discovered since Google launched the scheme in December of last year. According to Infoworld, all in all, Google paid Glazunov $7,470, and a total of $14,000 to various researchers including Glazunov.
The browser currently has a 10% share of the market in terms of users, so security is a key priority for Google, as attacks and malware become ever more sophisticated. Google plans to continue the program for the foreseeable future as it provides a key incentive for independent researchers such as Glazunov.
The latest version of Google Chrome can be downloaded from here or via the automatic updates function.
32 Comments - Add comment