First award in Google Chrome hack contest
MOUNTAIN VIEW, Calif., March 8 (UPI) -- U.S. search engine Google says it is awarding $60,000 in a hacking contest meant to uncover vulnerabilities in its Chrome Web browser.
The winner, Sergey Glazunov, was the first to submit an entry in Google's Pwnium competition to find security exploits in Chrome, revealing a "Full Chrome Exploit" that bypassed the browser's security, CNET.com reported Thursday.
A malicious hacker using such an exploit would have almost full control of the infected machine.
Justin Schuh of the Chrome security team said Glazunov was able to execute "code with full permission of the logged on user," an "impressive" feat deserving of the $60,000 award.
Google launched the Pwnium contest in late February, promising awards totaling $1 million to those who could find security holes in Chrome.
The highest $60,000 prize is given only to those who can obtain "Chrome/Windows 7 local OS user account persistence using only bugs in Chrome itself," Google said.
Now that Glazunov's discovery has been verified, engineers are "working fast on a fix," Google said.
The company said the fix would be provided in an auto-update.
© 2012 United Press International, Inc. All Rights Reserved. Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent.