The combination of an IPC (Inter-Process Communication) bug and a V8 vulnerability is among the most striking of the bugs discovered in Google Chrome. It could lead to remote code execution outside the sandbox. The researcher who discovered it, Jüri Aedla, has been offered $27,633 as a “thank you” for the good work.
The rewards within the bug bounty program initiated by Google have been recently increased to $15,000 for a sandbox escape bug that is adequately reported.
A significant layer of defense in Google Chrome is its ability to confine processes to an isolated environment. This way malware cannot gain persistence on the system, nor can it read arbitrary files on the computer. More importantly, sandboxed processes, and any bug they contain, cannot write to disk.
And the Reward Goes To…
113 of the 159 bugs found were minor. They were discovered with the help of MemorySanitizer, a tool that detects reads of uninitialized memory in C and C++ programs.
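To make the class of bug concrete, here is an added example (not code from the article or from the Chrome project) of the pattern MemorySanitizer catches: a record parser that leaves a struct field unset on one code path and then branches on it. The record format, field names and sample buffers are constructed for illustration; the fixed variant simply zero-initializes the struct so every field has a defined value before it is read. Build with `clang -fsanitize=memory -g` to see the sanitizer report the uninitialized read in the buggy parser.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample format (hypothetical): a record header consisting of
   a 1-byte version, a 2-byte little-endian length and, for version 2 only,
   a 1-byte flags field. */
struct header {
    uint8_t  version;
    uint16_t length;
    uint8_t  flags;   /* present in the buffer only when version == 2 */
};

/* Buggy parser: for a version-1 record 'flags' is never written, so the
   final read of hdr.flags consumes whatever was left on the stack.
   MemorySanitizer reports this as a use-of-uninitialized-value at the
   conditional expression. Kept here only to show the defect; the test
   below does not call it because its result is undefined. */
static int parse_record_buggy(const uint8_t *buf, size_t len) {
    struct header hdr;                       /* not initialized */
    if (len < 3) return -1;
    hdr.version = buf[0];
    hdr.length  = (uint16_t)(buf[1] | (buf[2] << 8));
    if (hdr.version == 2 && len >= 4)
        hdr.flags = buf[3];
    return (hdr.flags & 0x01) ? hdr.length : 0;   /* uninitialized on v1 */
}

/* Fixed parser: zero-initialize every field up front so the version-1 path
   sees a defined flags value (0) instead of stale stack contents. */
static int parse_record_fixed(const uint8_t *buf, size_t len) {
    struct header hdr = {0};                 /* all fields defined */
    if (len < 3) return -1;                  /* too short for any header */
    hdr.version = buf[0];
    hdr.length  = (uint16_t)(buf[1] | (buf[2] << 8));
    if (hdr.version == 2 && len >= 4)
        hdr.flags = buf[3];
    return (hdr.flags & 0x01) ? hdr.length : 0;
}

int main(void) {
    /* Constructed inputs: a version-1 record and a version-2 record. */
    const uint8_t v1[] = {1, 0x34, 0x12};
    const uint8_t v2[] = {2, 0x34, 0x12, 0x01};

    printf("fixed v1 -> %d\n", parse_record_fixed(v1, sizeof v1));  /* 0 */
    printf("fixed v2 -> %d\n", parse_record_fixed(v2, sizeof v2));  /* 4660 */
    /* Under -fsanitize=memory the next call is where MSan fires. */
    printf("buggy v1 -> %d\n", parse_record_buggy(v1, sizeof v1));
    return 0;
}
```

The buggy and fixed functions differ in a single initializer, which is typical of this bug class: the code compiles cleanly and usually works, and only a tool that tracks memory definedness at the bit level, as MemorySanitizer does, reports it reliably.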
Collin Payne and Atte Kettunen of the Oulu University Secure Programming Group (OUSPG) received $23,000 for their efforts, working together with the Google team on the development cycle to stop further security flaws from reaching the stable version.
Here are other notable bugs which were discovered and fixed:
- Use-after-free glitches in DOM, Rendering, Events and Web Workers
- Out-of-bounds read errors in the PDF rendering engine of Chrome
The Google developers have also taken care of a permissions bypass flaw discovered in the Windows sandbox and a data leak in the XSS Auditor.
Your Browser Will Switch to the New Release Automatically
The latest release is available for all supported PC platforms and has a built-in automatic update mechanism. If the browser does not update when it is started, it will do so after the user restarts the machine.
Soon after the Chrome update, new versions of other browsers that rely on its engine are to be expected.