Chrome security update and researchers' bonuses
Google has released a new stable version of its Chrome browser. The update fixes seventeen high severity vulnerabilities and updates the bundled Flash player. Google referred users to Adobe for details of the Flash Player update, and as usual, revealed few details about the seventeen holes that it closed in the release. It did, though, say that the researchers earned between $500 and $3000 for their vulnerability disclosures.
One researcher, Michel Aubizzierre, working under the name miaubiz, found four bad casting flaws, three of which were related and listed under CVE-2011-3037, and five use-after-free errors. Aubizzierre recently presented a lecture on "Unearthing the world's best WebKit bugs" at the Infiltrate conference. The lecture discusses how machine learning techniques help him identify safety-related source code changes.
Aubizzierre was one of three researchers who had "special rewards" from Google. Logged under bugs 116661 (status Rockstar), 116662 (status Legend) and 116663 (status Superhero), Aubizzierre, Aki Helin of OUSPG and Arthur Gerkis were awarded $10000 each for their "sustained, extraordinary contributions" to tracking down vulnerabilities in Chrome. Helin was noted for the "Awesome variety of fuzz targets" reported on and Gerkis for the "Significant pain inflicted upon SVG". All three bug reports were also listed as CVE-1337-d00d1, CVE-1337-d00d2 and CVE-1337-d00d3, apparently labelling each researcher as a leet dude.
The Google Chrome update also addressed a number of non-security issues such as cursors and backgrounds not loading, plugins not loading on some pages, stopping text paste including trailing spaces, and issues with touch controls on some sites. The fixed version of Chrome will be automatically downloaded by Chrome's auto-update mechanism.