Google has fixed two bugs in its Chrome browser, including a high-severity vulnerability in its media handler that a researcher named Pinkie Pie discovered. The bug, which is different from another use-after-free vulnerability the researcher used in the Pwnium contest at Hack in the Box in October, was serious enough to earn him a bug bounty of more than $7,000.
Google repaired the two high-priority vulnerabilities in Chrome 23, pushing out the new version to users late last week. The company has been very quick to fix security vulnerabilities, especially those that have been made public or come out of contests such as Pwn2Own or the company’s own Pwnium, which gives researchers monetary incentives for finding particularly severe flaws in the browser during a set period of time at a conference. The first of the Pwnium contests, which was at CanSecWest in Vancouver earlier this year, produced two sets of bugs from separate researchers who were able to produce full sandbox escapes and compromises of Chrome.
Google patched all of those vulnerabilities within a couple of days of their discovery, and was able to do the same with the other bugs that Pinkie Pie used in the second Pwnium contest at Hack in the Box in October. The company recently said that it would be handing out some larger-than-usual rewards to researchers who report particularly severe or unusual bugs. The use-after-free that Pinkie Pie discovered and Google fixed in Chrome 23 met those criteria, as it was an exploit for 64-bit systems, and earned him $7,331.
Here are the flaws fixed in Chrome 23: