Sometimes the wisdom of the crowds comes in the form of free advice. Other times, it comes at a premium.
Google launched its bug bounty program last year, offering security researchers financial compensation for bringing new security vulnerabilities to its attention. Now, the firm has issued an update to its Chrome browser and operating system that addresses at least 16 security flaws, resulting in its biggest payout to date under the program.
Security researcher Sergey Glazunov received more than $7,000 in his bug bounty payout, including $3,133.70 for calling attention to a so-called Elite-level flaw, relating to the discovery of a stale point flaw. Glazunov was also credited for the discovery of four other vulnerabilities.
eSecurity Planet reports on Google’s latest bug bounty and the Chrome 8 update, which includes a pair of fixes to an integrated PDF reader.