Google rewards $15k to Apple team for finding bug in Chrome

New Delhi: Google has rewarded $15,000 to Apple’s Security Engineering and Architecture team for spotting a high-severity security vulnerability in the Chrome web browser.

Google disclosed it in its latest Chrome update, confirming 11 security fixes as a result of external contributor vulnerability reports.

Apple’s SEAR team is tasked with providing the foundation for operating system security across all product lines at the tech giant.

“If they happen to come across something that relates to a third-party product as part of this ongoing security process, then a responsible disclosure will be made,” according to the report.

The CVE-2023-4072 vulnerability is an “out of bounds read and write” bug within Chrome’s WebGL implementation.

WebGL is the JavaScript application programming interface that enables the rendering of interactive graphics within the browser without any plug-ins being required.

In total, Google awarded bounties worth $123,000 for vulnerabilities as part of its bug bounty program, according to the report.

The company said that the Stable Chrome channel has been updated to 115.0.5790.170 for Mac and Linux and 115.0.5790.170/.171 for Windows, which will roll out over the coming days.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” said Google.

With inputs from IANS