Print
Bug collecting can be quite the lucrative hobby, provided they're of the software variety. Google routinely pays out three-, four-, and sometimes five-figure bounties to bug hunters who find and report vulnerabilities in the company's Chrome browser, but yesterday, it took the unusual step of paying a pair of software gurus $5,000 for reporting an issue in Windows.
"Occasionally, we issue special rewards for bugs outside of Chrome, particularly where the bug is very severe and/or we are able to partially work around the issue," Google's Chrome team stated in a blog post.
Eetu Luodemaa and Joni Vähämäki from independent software vendor (ISV) Documill were the recipients of the $5,000 award, which tied for the second largest sum awarded in this round of bug bounties. They discovered a kernel memory corruption issue in Windows.
Bug bounty rockstar Sergey Glazunov also received $5,000 for a single bug discovery, along with a $10,000 bounty for rooting out a cross-site scripting vulnerability in Chrome that, if left unchecked, it would have allowed remote attackers to inject arbitrary web script or HTML code.
Google paid out $29,500 in all for this round of bug hunting focused on vulnerabilities found in Chrome 22.
Follow Paul on Google+, Twitter, and Facebook
Comments are closed on this article
Links:
[1] http://www.maximumpc.com/user/paul_lilly
[2] https://www.google.com/intl/en/chrome/browser/
[3] http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html
[4] https://plus.google.com/113266473617484509826
[5] https://twitter.com/#!/paul_b_lilly
[6] http://www.facebook.com/Paul.B.Lilly
[7] http://www.maximumpc.com/tags/browser
[8] http://www.maximumpc.com/tags/bug_bounty
[9] http://www.maximumpc.com/tags/chrome
[10] http://www.maximumpc.com/tags/google
[11] http://www.maximumpc.com/tags/security
[12] http://www.maximumpc.com/tags/software
[13] http://www.maximumpc.com/tags/windows
[14] http://www.maximumpc.com/articles/news