Google Pays $55,000 for High-Severity Chrome Browser Bug

December 11, 2024 at 10:19AM Google has released a Chrome update addressing three vulnerabilities, including two high-severity memory safety bugs in the V8 JavaScript engine, one of which led to a $55,000 bug bounty. The update also fixes a use-after-free defect. No exploitation of these vulnerabilities has been confirmed yet. ### Meeting Takeaways: 1. **Chrome … Read more

Google fixes ninth Chrome zero-day exploited in attacks this year

August 22, 2024 at 11:22AM Google released a new emergency security update for Chrome to patch a zero-day vulnerability exploited in attacks. The high-severity CVE-2024-7971 vulnerability in Chrome’s V8 JavaScript engine was reported by Microsoft researchers. The update (128.0.6613.84/.85) will be automatically rolled out to users, and manual updates can be initiated through the Chrome … Read more

Chrome 120 Update Patches High-Severity Vulnerabilities

December 13, 2023 at 07:00AM Google announced the release of Chrome 120 security update addressing nine vulnerabilities, with six reported by external researchers. The most severe resolved vulnerability is a type confusion bug in the V8 JavaScript engine, with CVE-2023-6702. Google paid out bug bounties totaling $50,000 and has restricted access to vulnerability details. The … Read more