Pays about $10,000 for fixing three critical bugs, seven high risk bugs and one moderate level bug
Google has released the latest version of Chrome web browser - 5.0.375.127 after patching 11 security holes out of which three were critical. Jason Kersey of Google Chrome team noted on the official Google Chrome releases blog that a critical Windows kernel bug was taken care of by a workaround bundled in the most recent stable version of the web browser. Apparently, Google has paid about $10,000 to Digital Bounty Hunters (people who find severe vulnerabilities in web browsers).
Out of the 11 bugs fixed, three were of critical nature, seven of high risk and one was of moderate level. Google paid $1337 to Marc Schoenefeld and credited him for enabling Chrome team to devise a workaround for critical Windows bug. While Digital Bounty Hunter Sergey Glazunov was paid $1337 twice for two different critical memory corruption and notification of crash bugs. Glazunov was also awarded for Memory Corruption Bug in MIME type handling. So far, Glazunov is clearly leading as the top awarded Bounty Hunter for Chrome bugs.
Google and Mozilla camps pay their bounty hunters for pointing out bugs and suggesting fixes in their web browsers. Looks like Microsoft, on the other hand, has no plans to pay the security researchers for pointing out critical bugs.
Google believes and wants Chrome to be secured and annoyance free web browser just like Mozilla wants Firefox to be. And to achieve that, both camps are paying enough bounty to security researchers.
New Google Chrome version 5.0.375.127 comes with all fixes for Windows, Mac and Linux platform.