Google pays bug hunters for finding Windows flaw

Identification of a problem with Microsoft's OS merits an award from Google's Chrome security effort. Also, Chrome 22 improves Web-based games, and Chrome for iOS supports the iPhone 5.

Google Chrome logo

You might think Microsoft would be the one handing out awards to those who report security vulnerabilities in Windows, but yesterday it was Google that paid $5,000 to a pair who found one such problem.

Along with the release of the final, stable version of Chrome 22, Google announced that it's paying the bug bounty to Eetu Luodemaa and Joni Vahamaki of Documill for finding a memory corruption issue in Windows.

The award is part of a revised Chrome bug bounty policy in which Google pays for more than just Chrome bugs. "Occasionally, we issue special rewards for bugs outside of Chrome, particularly where the bug is very severe and/or we are able to partially work around the issue," said Chrome team member Jason Kersey in a blog post.

Google also paid hall-of-famer Sergey Glazunov an unusually lucrative $10,000 bounty for a high-risk universal cross-site scripting (UXSS) vulnerability in Chrome. It was part of $29,500 total paid out for vulnerabilities fixed in Chrome 22.

The new browser also adds support for the pointer lock interface (also sometimes called mouse lock), a technology widely used in games. With pointer lock, a gamer can, for example, change perspective in a scene by moving the mouse around, but it's not necessary to hold the mouse button down.

"While games are fun, these capabilities also empower other types of applications such as medical and scientific visualization, training, simulation, modeling, authoring packages, and more," said Google's Vincent Scheib in a blog post. The new version also includes "continued polish for users of HiDPI/Retina screens," Google said, though plenty of work remains supporting high-resolution displays.

Earlier this week, Google released a new version of Chrome for iOS that supports the iPhone 5 and fixes issues with Gmail on iOS 6. That version is based on Chrome 21, and it's got mature-audience constraint: "You must be at least 17 years old to download this app," the app store listing says.

Google also patched Chrome 21 for Macs running OS X 10.5, keeping alive an older branch of the browser. Google decided in July that Chrome 21 would be the last version to support Mac OS X 10.5 , released initially in 2007.

The update was the final hurrah for Chrome on Mac OS X 10.5. "This week's push was the last for 21. Folks will be able to update to this version at any time. It won't go away but we won't be supporting it," spokeswoman Lily Lin said.

Update, 9:16 a.m. PT: Adds note that there will be no more updates of Chrome 21.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Want affordable gadgets for your student?

Everyday finds that will make students' lives easier: chargers, cables, headphones, and even a bona fide gadget or two!