Google has fixed 19 security flaws in its Chrome browser, including more than a dozen high-risk bugs. The company paid out $3,500 in rewards to security researchers who reported flaws. Two of the high-risk vulnerabilities fixed in Chrome 33 are use-after-free flaws, one in SVG images and the other in speech recognition. There’s also a[...]
Browsing Tag: google
SAN FRANCISCO–The security of data being transmitted over the Web relies on a large number of moving parts, from the integrity of the machine sending the data, to the security of the browser, to the implementation of encryption, to the fragility of the certificate authority system. Experts have been spending the best part of the[...]
Google Chrome 33 is out, and the new version of the browser includes fixes for 28 security vulnerabilities, including a number of high-severity bugs. The company paid out more than $13,000 in rewards to researchers who reported vulnerabilities that were fixed in this release. One of the high-priority vulnerabilities Google patched in Chrome 33 is[...]
The Internet Bug Bounty program, a cooperative effort among security experts and vendors, paid out its first $10,000 bounty this week for a serious Flash vulnerability. The flaw, which Adobe fixed in December, was a serious one that has been used in targeted attacks. Started in November, the Internet Bug Bounty is a system set[...]
Google has announced it will retool its bounty program and extend its scope to include all Chrome apps and extensions branded as “by Google.”
Twelve seemingly legitimate Chrome browser extensions installed by more than 180,000 users are injecting advertisements on 44 popular websites.
Bug bounty programs are springing up in more and more places every day, and the latest site to join the list is GitHub.
Google plans to offer more than $2.7 million in potential rewards in the next iteration of its Pwnium hacking competition at this year’s CanSecWest conference in Vancouver.
Exploit code has been published for a Google Chrome bug that allows malicious websites granted permission to use a computer’s microphone for speech recognition to continue listening after a user leaves the website.
There is a bug in the anti-cross site scripting filter in Chrome and Safari that enables an attacker to bypass the filter in some cases and use an XSS flaw on a given site to compromise visitors’s machines. The vulnerability is fairly simple to exploit and a researcher has posted proof-of-concept code. The vulnerability lies[...]