Google patches 11 vulnerabilities in Chrome days before hacking contest
Apple was the first to beef up security of its browser, but Google's Chrome is the only one predicted to survive Pwn2Own
Google has patched 11 vulnerabilities in the Windows version of Chrome, including one that earned its finder the first $1,337 check from the company's new bug bounty program.
Like Apple, which updated Safari last week, Google beefed up the security of its browser just days before the Pwn2Own browser hacking contest was to kick off in Canada.
[ TippingPoint is offering hackers $100,000 for browser and phone exploits at Pwn2Own. | Apple's browser, which expected to be the first to fall in the hacking contest, recently got 16 fixes. ]
The update to Chrome 4.1.249.1036 fixes six flaws rated "high," the second-most-severe ranking in Google's four-step threat system; plugs three "medium" holes; and quashes two "low" bugs.
Danish vulnerability tracker Secunia rated the update as "highly critical."
Although Google typically hides technical details of the most serious vulnerabilities when it issues an update -- it blocks bug tracker entries to prevent attackers from using the information -- all of the 11 bugs are behind the wall this time.
"The referenced bugs may be kept private until a majority of our users are up to date with the fix," explained Orit Mazor, a technical program manager with the Chrome team, in a blog entry Wednesday.
A bug in WebKit, the open-source browser engine that powers Chrome as well as Safari, earned researcher Sergey Glazunov a check for $1,337, the maximum Google pays for vulnerabilities as part of a bounty program that debuted last January. Most flaws earn their finders just $500, but "particularly severe or particularly clever" bugs reap rewards of $1,337 each. The amount is a reference to "leet," a kind of geek-speak used by some researchers; there, "leet" is rendered as "1337."
Other vulnerabilities were credited to Mark Dowd, a noted browser and OS vulnerability researcher who is working under contract for Google; Robert "RSnake" Hansen, CEO of SecTheory; and Aki Helin of OUSPG (Oulu University Secure Programming Group), Oulu University in Finland.
Altogether, Google paid out $3,337 in bounties for the bugs it patched Wednesday.
Only the Windows "stable" channel -- a term Google uses in place of "final" -- was patched; the Mac and Linux versions of Chrome have not yet left the "beta" channel.
Google added several non-security features to Wednesday's update, including integrated language translation and new private browsing settings, that had made their way into the beta earlier this month.
