Skip to main content

Pinkie Pie hacker strikes again; Google repairs two major Chrome vulnerabilities

posted onDecember 5, 2012
by l33tdawg

L33tdawg: Video of Chris Evan's talk at #HITB2012KUL on Element 31337 in the Periodic Table: Pwnium,  is available on YouTube and covers details of Pinkie Pie's epic $60k exploit from the event and details of past winners and submissions. Well worth watching.

The Chrome hacker known as "Pinkie Pie" helped reveal a serious flaw in the browser's media handler that was patched last week with the release of Chrome 23. That update also fixed a file path handling problem, which was discovered by Google's in-house researchers.

Reports from the H Online and ThreatPost indicate that Pinkie Pie received $7,331 for his work in uncovering the media handler issue. The same hacker won a further $60,000 two months ago for similar work at the Hack in the Box competition, and another prize of the same amount in March at its Pwnium event.

Larger cash rewards for bug reports, according to ThreatPost, are handed out by Google for "particularly severe or unusual bugs," of which Pinkie Pie's latest find was apparently one. Also rewarded for work on Chrome 23's security, the H Online reported, was a hacker who found a "medium"-rated vulnerability in the browser's WebGL implementation. Discovering the problem, which centered on a heap buffer overflow, earned the unnamed researcher $3,500.

Source

Tags

Chrome Security Hackers Industry News Google

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th