Apple has received a $15,000 bug reward from Google for discovering a serious security flaw in the Chrome web browser.
According to Forbes, the problem was discovered by Apple’s Security Engineering and Architecture team and sent to Google for discovery and disclosure.
Google confirmed 11 security patches as a consequence of external contributor vulnerability reports in its most recent Chrome release.
The SEAR team at Apple is in charge of laying the groundwork for operating system security across all of the company’s product lines.
As part of this continuing security procedure, “if they happen to come across something that relates to a third-party product, then a responsible disclosure will be made,” the study states.
A problem in Chrome’s WebGL implementation called “out of bounds read and write” is responsible for the “CVE-2023-4072” vulnerability.
The JavaScript application programming interface known as WebGL allows for the rendering of interactive visuals directly inside the browser without the need for plug-ins.
In all, as part of its bug bounty program, Google paid out $123,000 in rewards for vulnerabilities, the study said.
It was announced by the firm that the Stable Chrome channel has been upgraded to 115.0.5790.170 for Mac and Linux and 115.0.5790.170/.171 for Windows, adding that this update would be rolling out over the next few days/weeks.
“Until the majority of users have been informed with a patch, access to problem information and links may be limited. If the limitation is in a third-party library that other projects also rely on but haven’t yet updated, we will continue to enforce it, according to Google.
