4 Chrome Bug Hunters Take Record Google Bounty
Google has paid out a record $26,511 in bounty to four researchers who found bugs in the Chrome browser.
Russian Sergey Glazunov and Michel Aubizziere (aka "miaubiz") took much of the prize money with $13,674 and $10,337, respectively. The two regular Google bug hunters so far have accounted for 57 percent of all bug payments this year.
For finding five bugs that Google labeled as "cross-origin policy violations," Glazunov was paid $12,147. Miaubiz was paid $6,337 for one Common Vulnerabilities & Exposures containing six bugs. He used Google's memory error detection tool called AddressSanitizer released in June to find the bugs.
Google patched the total 18 discovered vulnerabilities on Tuesday and upgraded the browser to version 15. The last refreshment of Chrome was Sept. 16. Updating is about every six weeks.
Google started offering in January 2010 bounty for bugs or security loopholes found on Chrome to make the browser safe for its millions of users. The bounty varies depending on the flaws reported.