Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev

Google pays $14,000 for high-risk Chrome security holes

By Ryan Naraine | January 14, 2011, 9:52am PST

Summary: Google has shelled out more than $14,000 in rewards for critical and high-risk vulnerabilities affecting its flagship Chrome web browser.


The latest Google Chrome 8.0.552.237, available for all platforms, patches a total of 16 documented vulnerabilities, including one critical bug for which Google paid the first elite $3133.7 award to researcher Sergey Glazunov.

“Critical bugs are harder to come by in Chrome, but Sergey has done it,” says Google’s Jerome Kersey. “Sergey also collects a $1337 reward and several other rewards at the same time, so congratulations Sergey!” he added.

Here are the details on the latest Chrome patch batch.

  • [58053] Medium Risk: Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community.
  • [$1337] [65764] High Risk: Bad pointer handling in node iteration. Credit to Sergey Glazunov.
  • [66334] High Risk: Crashes when printing multi-page PDFs. Credit to Google Chrome Security Team (Chris Evans).
  • [$1000] [66560] High Risk: Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
  • [$500] [66748] High Risk: Stale pointer with CSS + cursors. Credit to Jan Tošovský.
  • [67100] High Risk: Use after free in PDF page handling. Credit to Google Chrome Security Team (Chris Evans).
  • [$1000] [67208] High Risk: Stack corruption after PDF out-of-memory condition. Credit to Jared Allar of CERT.
  • [$1000] [67303] High Risk: Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT.
  • [$500] [67363] High Risk: Stale pointer with SVG use element. Credited anonymously; plus independent discovery by miaubiz.
  • [$1000] [67393] Medium Risk: Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc.
  • [$1000] [68115] High Risk: Vorbis decoder buffer overflows. Credit to David Warren of CERT.
  • [$1000] [68170] High Risk: Buffer overflow in PDF shading. Credit to Aki Helin of OUSPG.
  • [$1000] [68178] High Risk: Bad cast in anchor handling. Credit to Sergey Glazunov.
  • [$1000] [68181] High Risk: Bad cast in video handling. Credit to Sergey Glazunov.
  • [$1000] [68439] High Risk: Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined).
  • [$3133.7] [68666] Critical: Stale pointer in speech handling. Credit to Sergey Glazunov.

Google is withholding technical details on the vulnerabilities until the patches are released to its users. Google ships updates via the browser’s silent/automatic update mechanism.


Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

@DonnieBoy
it's useless for a troll like you
@DonnieBoy...for a company that makes very few software products, it relies almost solely on giant corporate money-grubbing advertising that disrupts our freedom to watch video online, by people who put it there for free, by forcing us to sit through commercial after commercial, which is the way of the dinosaur network television channels and shows. Google is not forward thinking at all but makes its money from old corporate advertising.
Hardly what anyone would call "freedom." It's the same thing we've had to endure all of our lives, just now brought to the web via Google...yeah, real freedom DB.

And this many bugs on one of their very few software projects? Compared to a real software house, like Microsoft, that has a portfolio which is massively larger than Google's will ever be, this amount of swiss cheese code from Google is unacceptable and why they need to stick to advertising so you can enjoy "Dove" commercials before every video you watch. Of course, you somehow feel that is freedom at its finest.
Author must be a Microsucks shill...DonnieBoy for President...
Need to get used to this...
modrax Updated - 15th Jan 2011
Read the post in Chrome and the first thing I did was to check what version I had, only to realize that Chrome had updated itself. Bad habits die hard after living in a Microsoft world of user-initiated updates. Wish all would use this approach of silent updates.
@modrax, but beyond the setting of Windows updates to Automatic, one time Microsoft (sorry, Microsucks) sent a silent update via Windows Update and the entire zdnet "he man, windows haters club" wrote post after post about how evil MS was for sending in code without THEIR permission. The thing was, it was an update to the Windows Update mechanism itself and made the most sense of all to be silent and done for everyone, because due to the changes no newer updates would come in until that code was in place.
Nevertheless, the outrage here was at a fever pitch, as it always is with anything Microsoft (sorry, microsucks), so you would think that this practice by Google would be condemned by the same group of people.

Nope... I'm sure not. They would find a way to make it seem noble that Google was doing the same thing they found utterly offensive and an insult to their good family name, and they NEVER want code coming in w/o the ability to check it out and see what it is first.
Microsoft 'Point & Click' syndrome
open_source_01 15th Jan 2011
Like all Windows Server 'Point & Click' fear mongers, they are afraid they will be delegated to the help_desk.

Open_Source is where the future is, Android has SMASHED the infamous 'Windows_Lock_UP_handhelds'....

Chrome is 1000 times faster than the IE aka (trojan/virus/worm/malware/spyware) magnet. It cannot even pass acidtest...

Good luck Bubble MSCE(s) you will need it!
Just see the previous years for reference.
