Patch/Configuration Management, Vulnerability Management

Google shells out $75K in bug bounties for Chrome 38 release

Google has paid more than $75,000 in bug bounties to security researchers who helped discover flaws patched in its recent release of Chrome 38.

While there were no revolutionary features added to the stable release, a total of 159 security fixes were issued, 113 of which the company describe as “relatively minor fixes,” according to a recent blog post on the update.

Security expert Jüri Aedla, who is also a former Google security engineer, earned more than $27,000 for his discoveries – V8 and IPC bugs that if leveraged could lead to remote code execution outside of the sandbox. The “minor fixes” were all found thanks to MemorySanitizer, a tool created by Google that detects memory initialization flaws.

The recent release is intended for Windows, Mac and Linux users.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.