Google patches WebKit flaw after Pwn2Own contest

By

Rewards hack team.

Google has patched a vulnerability exploited by researchers at last week’s Pwn2Own hacking contest.

Google patches WebKit flaw after Pwn2Own contest

Even though Google Chrome was not hacked during the competition, the bug resided in WebKit - the rendering engine used by the browser.

WebKit is also featured in Apple’s Safari and the browser found on BlackBerry phones.

A team of researchers, including Willem Pinckaers, Vincenzo Iozzo and Ralf-Philipp Weinmann, hacked a BlackBerry Torch 9800 by exploiting the vulnerability.

On top of the US$15,000 they received for the BlackBerry hack, the researchers were handed US$1,337 from Google.

The update, in Google Chrome 10.0.648.133, only fixed the WebKit security issue.

The memory corruption bug was given a high priority ranking, but Google was not forthcoming on any additional details.

”Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix,” said Jason Kersey, from the Google Chrome team.

Google has handed out over US$100,000 as part of its Chromium Security Rewards programme.

This article originally appeared at itpro.co.uk

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © ITPro, Dennis Publishing
Tags:
browsergooglepatchpwn2ownsecurityvulnerability

Sponsored Whitepapers

Digital Transformation That Works in the Real World
Digital Transformation That Works in the Real World
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security
Transforming IT for the Hybrid Era
Transforming IT for the Hybrid Era
Powering secure AI at the Edge: What you need to know before it’s too late
Powering secure AI at the Edge: What you need to know before it’s too late
Ditch the Spreadsheets. Build a System That Grows With You.
Ditch the Spreadsheets. Build a System That Grows With You.

Events

Most Read Articles

Microsoft knew of SharePoint security flaw in May, initial patch ineffective

Microsoft knew of SharePoint security flaw in May, initial patch ineffective
Allianz Life says majority of US customers' data stolen in hack

Allianz Life says majority of US customers' data stolen in hack
NT gov agency targeted in alleged $3.5m BEC scam

NT gov agency targeted in alleged $3.5m BEC scam
Microsoft says some SharePoint server hackers now use ransomware

Microsoft says some SharePoint server hackers now use ransomware
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?