Google announced on Tuesday the availability of Chrome 38 for Windows, Linux and Mac. The latest version of the Web browser patches a total of 159 security vulnerabilities.
In late September, Google revealed its intention to start paying more money to researchers who contribute to making Chrome more secure. More precisely, it promised between $500 and $15,000 per bug. The company has kept its promise and, on this occasion, it rewarded researchers who reported Chrome vulnerabilities with approximately $75,000.
According to the company, of the total of 159 flaws fixed in Chrome 38, 113 are relatively minor bugs found with the aid of MemorySanitizer, a tool designed to detect uninitialized memory reads in C/C++ programs.
The largest reward was handed out to Jüri Aedla, who identified a combination of V8 and IPC bugs that can lead to remote code execution outside the sandbox (CVE-2014-3188). Aedla has been rewarded with $27,633.70 for finding this critical issue which affects both Chrome and Chrome OS. The researcher also got $4,500 for an information leak in V8 (CVE-2014-3195).
According to Google’s new payment scheme, the maximum reward for a well-documented sandbox escape is $15,000. However, the company pays much more for particularly great reports. In August, the company paid $30,000 to a researcher known as lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that could have led to remote code execution outside the sandbox.
The researcher using the online moniker “cloudfuzzer” earned a total of $11,000 for identifying four high-severity vulnerabilities. The expert uncovered three use-after-free issues in Events, Rendering and DOM, and an out-of-bounds read in PDFium.
James Forshaw was awarded $3,000 for a permission bypass in the Windows sandbox. Miaubiz and Takeshi Terada each received $1,500 for a high-severity type confusion in session management, respectively a medium-severity information leak in XSS Auditor.
Atte Kettunen of OUSPG and Collin Payne were given $1,500 and $2,000 for findings some vulnerabilities. However, Google gave them an additional $23,000 for working with the company during the development cycle to ensure that security flaws don’t make their way to the stable channel.
Chrome for iOS has also been updated. In addition to better support for iPhone 6, the latest release also includes a fix for a low-severity issue with FaceTime and FaceTime-audio URL schemes identified by Matias Brutti.