Google pays out nearly $10,000 to flaw finders for Chrome 12, which features better Safe Browsing and the ability to remove Adobe Flash cookies right from Chrome.
Google released Chrome 12 to the stable channel June 7, introducing
a build that boasts better security, privacy and graphics.
The bug-hunting build-up to the launch earned
researchers a total of $9,970.
Google paid an unusual sum of $3,133 to Sergey Glazunov,
engine, which led to "a beautiful
chain of lesser severity bugs which demonstrated critical impact," said Chrome
Security Team member Jason Kersey. "It deserves a more detailed write-up at a later date."
Google paid $2,000 to a researcher who found high-risk
"use-after-free due to integer issues in float handling." The search
engine also paid $1,337 for a medium-risk extensions permission bypass flaw.
The company paid $1,000 a piece for a high-risk "use-after-free
in image loader" flaw, a medium risk "extension injection into
chrome:// pages" bug and a high-risk "same origin bypass in DOM"
issue. The final $500 went for a medium-risk "browser memory corruption in
history deletion" error.
Meanwhile, Chrome 12 is also more secure than previous
versions in other ways. The company boosted its Safe Browsing technology to
warn users before they download some types of malicious files.
Chrome also now gives users
more control over data that Websites
store on their computers.
For example, Google worked with Adobe to integrate
deletion of Flash Player's Local Shared Objects cookies directly into Chrome. This
capability was previously only manageable using an online settings application
on Adobe's Website.
Chrome 12 also supports hardware-accelerated 3D CSS, something
the company showed off at Google I/O last month.
This essentially means prettier
3D effects, which users may see in this
. Users may rotate the video, toggle the reflection on and
off, and activate a carousel of videos.
Other Chrome 12 perks include the ability to launch apps by name
from the Omnibox, integrated Chrome Sync into settings pages, better screen
reader support. Google also killed Google Gears in Chrome.
Chrome users will be automatically updated to this new
version of Chrome soon, part of the the company's nearly year-old, 6-week