For the second time in under a year, scientist Mariusz Mlynski has been compensated more than $30,000 through Google's Chrome Rewards program.
Google on Wednesday discharged Chrome 56.0.02924.76 for Windows, Mac and Linux stages, and Mlynski was recognized with finding and unveiling four high-seriousness vulnerabilities that were fixed. The vulnerabilities earned Mlynski $32,337; last May, he stashed $45,000 subsequent to finding various high-seriousness issues that were fixed in the program.
Mlynski has been a dynamic program powerlessness analyst, specifically at the yearly Pwn2Own challenge. In 2015, he utilized a cross-source bug in Firefox to pick up Windows administrator benefits on a machine, procuring himself $55,000; in 2014 he won another $50,000 with fastening together two Firefox defects to pick up benefit acceleration on a Windows machine.
The most recent rendition of Chrome incorporates patches for 51 vulnerabilities, seven of which that were evaluated high seriousness fit the bill for prizes. Google fixed 14 high-seriousness bugs altogether, with the rest of inside.
Google is additionally anticipated that would start deploring SHA-1 in this variant of Chrome. In accordance with the other program producers, Google said in November that it would evacuate bolster for SHA-1 declarations beginning with Chrome 56; Microsoft and Mozilla have reported comparable censure plans through the following month.
SHA-1 has for quite some time been viewed as a debilitated hashing calculation and powerless to impacts assaults. Specialists are asking site proprietors and application engineers to move to SHA-2 or other advanced calculations, however accomplishment on that front has been blended.