1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Google says an Apple employee found a serious Chrome zero-day, bu

    From TechnologyDaily@1337:1/100 to All on Fri Jul 21 11:45:03 2023
    Google says an Apple employee found a serious Chrome zero-day, but did not report it

    Date:
    Fri, 21 Jul 2023 11:34:21 +0000

    Description:
    Its only by luck that another team notified Google of a Chrome bug amid reports that an Apple employee failed to share the warning.

    FULL STORY ======================================================================

    An Apple employee knew about a bug in the Chrome browser but did not report
    it to Googles developers, reports have claimed.

    A comment on the Chromium bug report site instead credits another individual for notifying Google, noting, This issue was reported by sisu from CTF team HXP and discovered by a member of Apple Security Engineering and Architecture (SEAR) during HXP CTF 2022, which will be acknowledged in the security fix notes for the appropriate Stable channel release at the time they are
    updated.

    At the time, the bug was a zero-day, however a TechCrunch report says that Googles $10,000 bug bounty was awarded to the individual who reported the
    bug, not the Apple employee who discovered the bug. Chrome bug left
    unreported by Apple employee

    Usually, tech companies work together to notify each other of bugs in the interest of cybersecurity, despite going head-to-head in other aspects of business. Read more

    These are the best malware removal tools


    Chrome's third exploited zero-day this year has also been fixed


    A host of malicious Google Chrome extensions with 75 million installs have
    been removed

    Gallileo, an individual claiming to be the Apple employee in question on a Discord channel viewed by TechCrunch , said:

    It was reported on June 5th, through my company. Yes it was late, there are multiple reasons for that. I first had to find the person responsible, the report had to be signed off by people and then the person responsible was
    [out of office]. Its commendable that chrome decided to fix it asap, but I think there wasnt any real urgency.

    On the flip side, the individual responsible for breaking the news to
    Chromium developers said:

    TBH, I have not looked into the issue since I did not discover the bug. However, I'm not 100% sure it was reported to the chromium team, so I wanted to be safe This report is to ensure it gets handled in case team COPY has not yet reported it.

    TechRadar Pro asked both companies - Google and Apple - for more information about the miscommunication. Neither immediately responded to our request. Check out the best firewalls

    Via TechCrunch



    ======================================================================
    Link to news story: https://www.techradar.com/pro/google-says-an-apple-employee-found-a-serious-ch rome-zero-day-but-did-not-report-it


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)