Google Announced the Payment of $ 112,500 for the Detection of Vulnerabilities in Android
By Prempal Singh
Google Announced the Payment of $ 112,500 for the Detection of Vulnerabilities in Android –
In 2017, Google paid a record amount of $ 112,500 to a vulnerability researcher from China.He published the first working system of remote exploits for Android (Google increased the amount of reward for the detection of vulnerabilities).
(Cyberops, Cyberops Infosec, VAPT, Cyber Security, Ethical Hacking, Secured Application Development)
Guan Gong, vulnerability researcher and employee of the Chinese company Qihoo 360 Technology, provided an error report in August 2017. The bugs CVE-2017-5116 and CVE-2017-14904 were corrected in December of last year, and this week Google announced the payment of a reward.
Exploits showed up in Pixel, the flagship smartphone that Google positions as the most secure device on Android.
More about vulnerabilities
Vulnerability CVE-2017-5116 allowed an attacker to execute arbitrary code via HTML inside the sandbox of the mobile browser Chrome. CVE-2017-14904 – A vulnerability that allowed attackers to get out of the sandbox of Chrome. Together, these bugs allowed hackers to remotely enter an arbitrary code into the process:
system_server
on Pixel devices during the transition to malicious URLs in Chrome.