Google has awarded $15,000 as a bug bounty to Apple for spotting a high-severity security vulnerability in the Chrome web browser.

Apple’s Security Engineering and Architecture team found the bug and reported it to Google for discovery and disclosure, reports Forbes.

Google disclosed in its latest Chrome update, confirming 11 security fixes as a result of external contributor vulnerability reports.

Apple’s SEAR team is tasked with providing the foundation for operating system security across all product lines at the tech giant.

“If they happen to come across something that relates to a third-party product as part of this ongoing security process, then a responsible disclosure will be made,” according to the report.

Buy Me A Coffee

The ‘CVE-2023-4072 vulnerability is an “out of bounds read and write” bug within Chrome’s WebGL implementation.

WebGL is the JavaScript application programming interface that enables the rendering of interactive graphics within the browser without any plug-ins being required.

In total, Google awarded bounties worth $123,000 for vulnerabilities as part of its bug bounty program, according to the report.

The company said that the Stable Chrome channel has been updated to 115.0.5790.170 for Mac and Linux and 115.0.5790.170/.171 for Windows, which will roll out over the coming days/weeks.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” said Google.

READ
GenAI-Capable Smartphone Shipments to Rise over 4x by 2027: Report