Surprising as it may sound, Google pays Apple for effectively hacking the security of its web browser "Chrome".
As a result, a high-severity security vulnerability in the Google Chrome web browser was found by Apple's Security Engineering and Architecture team, Google has confirmed.
Furthermore, Google paid the SEAR team a bug bounty of $15,000 for the discovery and disclosure, Forbes reported.
According to the Cupertino-based technology behemoth "SEAR provides operating system security foundations across all of Apple's innovative products, including Mac, iPhone, iPad, Apple Watch, and Apple TV".
While the SEAR researchers are — understandably — best known for uncovering vulnerabilities within iOS and related systems, they make responsible disclosures if they come across something that relates to a third-party product as part of this ongoing security process.
The news of this particular disclosure came in an August 2 Chrome update announcement confirming 11 security fixes as a result of external contributor vulnerability reports, according to Forbes.
The bug — CVE-2023-4072 — is an "out of bounds read and write" vulnerability within Chrome's WebGL implementation.
"WebGL is the JavaScript application programming interface that enables the rendering of interactive graphics within the browser and without any plug-ins being required," Forbes wrote.
The out-of-bounds bug allows a programme to read — in this case write — data from outside the bounds of an allocated memory area.
Keeping the technical details restricted until such time that a majority of Chrome users have activated the update, Google hasn't shared much about this vulnerability.
However, according to Vulnerability Database, a threat intelligence platform: "it is known to affect confidentiality, integrity, and availability."
Moreover, successful exploitation of the bug requires user interaction and no known exploits are available at this time, according to Vulnerability Database.
Updates include improvements to direct messaging for teen users, expanded nudity protection
Altman says he finds it troubling that certain financial institutions continue to use voiceprint authentication
Chancellor Merz’s govt views AI and start-up technology as key to defence plans
Perpetrator uses woman's personal photos to create viral Instagram sensation "Babydoll Archi"
Proactive removal rates in Pakistan remained high at 99.4%, states Q1 report
Achievement marks first time AI models have surpassed gold medal score benchmark at IMO
