Pitch Deck Template
Startup Dubai Konnect

Google pays Apple $15,000 for hacking chrome security

, By Team SNFYI
Google
TechWorld News

Share via:

Google has confirmed that a high-severity security flaw in its Chrome web browser was discovered by Apple’s Security Engineering and Architecture team (SEAR). As part of responsible disclosure, Apple’s SEAR team reported the vulnerability to Google, leading to the issuance of an update by the tech gaint to fix the issue. Surprisingly, Chrome paid Apple a bug bounty of $15,000 for the discovery and disclosure of the vulnerability, showcasing a unique collaboration between tech giants.

Role of Apple’s SEAR Team

Apple’s SEAR team is responsible for ensuring the security of operating systems across all of Apple’s product lines. They are renowned for their expertise in uncovering vulnerabilities within Apple’s own products, such as iOS. In the course of their security research, if they come across vulnerabilities in third-party products, they engage in responsible disclosure by informing the affected party, as exemplified in this case with Google and Chrome.

Google Vulnerability – CVE-2023-4072

Chrome’s WebGL implementation has a vulnerability called CVE-2023-4072, causing “out of bounds read and write” issues. WebGL enables interactive graphics in browsers without plug-ins. The vulnerability lets a program access data beyond allocated memory, posing risks to confidentiality, integrity, and availability.

Google Approach to Disclosure

Google is handling the disclosure of the vulnerability cautiously by restricting the release of technical details until a significant number of Chrome users have updated their browsers. This approach ensures that potential bad actors are not provided with crucial information to exploit the vulnerability. It also indicates Google’s commitment to safeguarding its users’ security.

The Importance of Responsible Collaboration

Google discovered a vulnerability and issued an update promptly. This highlights responsible collaboration in the tech industry. Google acknowledged Apple’s contribution and rewarded it with a bug bounty. This reinforces cooperation and information sharing for cybersecurity. Currently, there are no known exploits for CVE-2023-4072, reassuring Chrome users.

Also Read The Latest News:
Tech enthusiast Sohan Rai’s viral drone delivery experiment with Zomato sparks controversy and excitement

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Previous News
Amazon unveils ambitious plans for India: Aims for $20 billion ecommerce exports and 2 million jobs by 2025
Next News
NPCI’s UPI AutoPay : Gullak becomes the first to launch 1 click savings
Team SNFYI
Team SNFYI

Popular

More Like this

Load more

Google pays Apple $15,000 for hacking chrome security

, By Team SNFYI
Google
TechWorld News

Google has confirmed that a high-severity security flaw in its Chrome web browser was discovered by Apple’s Security Engineering and Architecture team (SEAR). As part of responsible disclosure, Apple’s SEAR team reported the vulnerability to Google, leading to the issuance of an update by the tech gaint to fix the issue. Surprisingly, Chrome paid Apple a bug bounty of $15,000 for the discovery and disclosure of the vulnerability, showcasing a unique collaboration between tech giants.

Role of Apple’s SEAR Team

Apple’s SEAR team is responsible for ensuring the security of operating systems across all of Apple’s product lines. They are renowned for their expertise in uncovering vulnerabilities within Apple’s own products, such as iOS. In the course of their security research, if they come across vulnerabilities in third-party products, they engage in responsible disclosure by informing the affected party, as exemplified in this case with Google and Chrome.

Google Vulnerability – CVE-2023-4072

Chrome’s WebGL implementation has a vulnerability called CVE-2023-4072, causing “out of bounds read and write” issues. WebGL enables interactive graphics in browsers without plug-ins. The vulnerability lets a program access data beyond allocated memory, posing risks to confidentiality, integrity, and availability.

Google Approach to Disclosure

Google is handling the disclosure of the vulnerability cautiously by restricting the release of technical details until a significant number of Chrome users have updated their browsers. This approach ensures that potential bad actors are not provided with crucial information to exploit the vulnerability. It also indicates Google’s commitment to safeguarding its users’ security.

The Importance of Responsible Collaboration

Google discovered a vulnerability and issued an update promptly. This highlights responsible collaboration in the tech industry. Google acknowledged Apple’s contribution and rewarded it with a bug bounty. This reinforces cooperation and information sharing for cybersecurity. Currently, there are no known exploits for CVE-2023-4072, reassuring Chrome users.

Also Read The Latest News:
Tech enthusiast Sohan Rai’s viral drone delivery experiment with Zomato sparks controversy and excitement

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

Previous News
Amazon unveils ambitious plans for India: Aims for $20 billion ecommerce exports and 2 million jobs by 2025
Next News
NPCI’s UPI AutoPay : Gullak becomes the first to launch 1 click savings
Team SNFYI
Team SNFYI

More like this

D2C Insider hoists the D2C Flag in Mumbai for...

General Team SNFYI -
D2C Insider, a leading platform for direct-to-consumer (D2C) brands,...

New UK crypto regulations will include stablecoins and staking...

Government Techcrunch -
The U.K. is set to create an all-encompassing...

IIT Bombay’s Incubator To Float INR 100 Cr Tech-Focused...

Tech INC42 -
SUMMARY The fund aims to invest in 1,000 startups...
Load more

Popular

Upcoming Events

View all
Event Updates

Startup Information that matters. Get in your inbox Daily!

Subscribe

StartupNews.fyi

Subscribe

© 2024 StartupNews.fyi | DOTFYI Media Ventures Private Limited. All Rights Reserved.

StartupNews.fyi

StartupNews.fyi is India's leading news & Technology media company that focuses on Startups in India and to stories across the globe.

© 2024 StartupNews.fyi | DOTFYI Media Ventures Private Limited. All Rights Reserved.