Google has patched a vulnerability exploited by researchers at last week’s Pwn2Own hacking contest.
Even though Google Chrome was not hacked during the competition, the bug resided in WebKit - the rendering engine used by the browser.
WebKit is also featured in Apple’s Safari and the browser found on BlackBerry phones.
A team of researchers, including Willem Pinckaers, Vincenzo Iozzo and Ralf-Philipp Weinmann, hacked a BlackBerry Torch 9800 by exploiting the vulnerability.
On top of the US$15,000 they received for the BlackBerry hack, the researchers were handed US$1,337 from Google.
The update, in Google Chrome 10.0.648.133, only fixed the WebKit security issue.
The memory corruption bug was given a high priority ranking, but Google was not forthcoming on any additional details.
”Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix,” said Jason Kersey, from the Google Chrome team.
Google has handed out over US$100,000 as part of its Chromium Security Rewards programme.
