Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Google Bug Security The Almighty Buck Technology

Google Pushes New Chrome Release, Pays $14k Bounty 182

Posted by timothy from the return-on-investment dept.
Trailrunner7 writes "Google has released version 8.0.552.237 of its Chrome browser, which includes fixes for 16 security vulnerabilities. The company also paid out more than $14,000 in bug bounties for the flaws fixed in this release, including the first maximum reward of $3133.7. The new version of Google Chrome has fixes for 13 high-priority bugs, but the most serious vulnerability the company repaired in the browser is a critical flaw resulting from a stale pointer in the speech handling component of Chrome. That flaw, along with four others, was discovered by researcher Sergey Glazunov, who earned a total of more than $7,000 in rewards for the bugs he reported to Google."
This discussion has been archived. No new comments can be posted.

Google Pushes New Chrome Release, Pays $14k Bounty More

Google Pushes New Chrome Release, Pays $14k Bounty

Comments Filter:

  • Re:One of the best things about Chrome ... (Score:5, Informative)

    by BZ ( 40346 ) on Friday January 14, 2011 @12:55AM (#34873886)

    > Schedule updates for when I close the app because it's pretty damn likely I don't need to
    > use it for a few minutes.

    It's not that simple. When you close the app in the case of a web browser, you're most likely shutting your machine down; you don't want to do the update then.

    The only sane way to do it is what Google does: actually replace the binaries in-place as the program runs... We're working on getting there. :)

  • Re:One of the best things about Chrome ... (Score:5, Informative)

    by mysidia ( 191772 ) on Friday January 14, 2011 @01:03AM (#34873926)

    Is that updates take place silently and promptly without any user intervention even on systems with UAC activated (a copy is installed to %appdata%).

    Hm.. that idea wouldn't work on any systems I setup.

    Software restriction policy all systems, Policy default: deny.

    Programs can be executed from the default allowed directories. %programfiles% , %systemroot%\system32, etc, and some designated paths for placing executables in manually, in order to install them.

    User profile directories including appdata are specifically excluded, because this is best common practice. Programs/executables don't belong in any user's profile or appdata folder (Especially not in any folder used as a default download directory for saving files or temporary directory used by a mail application for opening attachments in a viewer). Contents of appdata is a data folder, and all of a user's profile are data folders, not program folders.

Slashdot Top Deals

UNIX is hot. It's more than hot. It's steaming. It's quicksilver lightning with a laserbeam kicker. -- Michael Jay Tucker

Close