Google also highlighted the rewards that were handed out to security researchers that contributed fixes, with prizes of $15,000, $5,000 and $1,000 awarded.

In a separate post online Google also red-flagged a sandbox escape bug discovered on the Android version of Chrome which is reportedly being actively exploited.

Google said that they were withholding the technical details of both of these bugs, waiting for patches to address these issues being fully rolled out.

Ben Hawkes, Google’s Project Zero technical lead, took to Twitter to post about these two vulnerabilities.

Hawkes wrote: “Today Chrome fixed two more vulnerabilities that were being actively exploited in the wild (discovered by Project Zero/Google TAG last week).

“CVE-2020-16009 is a v8 bug used for remote code execution, CVE-2020-16010 is a Chrome sandbox escape for Android.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here