Does Google compensate Apple for hacking Chrome?

• Apple’s Security Engineering and Architecture team found a security vulnerability in Chrome.
• Google awarded the SEAR team a bug bounty of $15,000 for their discovery.
• The vulnerability is known to affect confidentiality, integrity, and availability.

Many users find it surprising that Google actually pays Apple to successfully breach the security of its web browser, “Chrome.”

Google has confirmed the discovery of a significant security vulnerability in its Chrome web browser, thanks to Apple’s Security Engineering and Architecture team.

For their discovery and disclosure of the security vulnerability, Google awarded the SEAR team a bug bounty of $15,000, according to a report by Forbes.

What is Apple SEAR?

According to the tech giant headquartered in Cupertino, “SEAR provides operating system security foundations across all of Apple’s innovative products, including the Mac, iPhone, iPad, Apple Watch, and Apple TV”.

While SEAR researchers are mainly recognized for identifying vulnerabilities in iOS and related systems, they responsibly report any issues related to third-party products as part of their ongoing security efforts.

Forbes reports that news about this specific disclosure was included in an August 2 update announcement for Chrome, which confirmed 11 security fixes due to vulnerability reports from external contributors.

Google pays $15,0000 for finding bugs.

The bug, identified as CVE-2023-4072, refers to a vulnerability in Chrome’s WebGL implementation involving “out of bounds read and write” actions.

“WebGL is the JavaScript application programming interface that enables the rendering of interactive graphics within the browser without any plug-ins being required,” Forbes wrote.

The out-of-bounds bug permits a program to access data beyond the allocated memory area, enabling it to write or, in this instance, read data.

Also Read

Meta to introduce Threads web version, advanced search features

Meta plans to introduce a web version of Threads. The advanced search...

Google has chosen to withhold detailed technical information about this vulnerability until a significant number of Chrome users have applied the update.

Yet, as per the information from the Vulnerability Database, a platform specializing in threat intelligence, “it is known to affect confidentiality, integrity, and availability.”

Furthermore, as stated by the Vulnerability Database, exploiting the bug successfully necessitates user interaction, and currently, there are no known exploits accessible.

To stay informed about current events, please like our Facebook page https://www.facebook.com/BOLUrduNews/.
Follow us on Twitter https://twitter.com/bolnewsurdu01 and stay updated with the latest news.
Subscribe to our YouTube channel https://bit.ly/3Tv8a3P to watch news from Pakistan and around the world.