Google has compensated Apple for identifying a significant security vulnerability in its popular web browser, Chrome. The discovery was made by Apple’s Security Engineering and Architecture (SEAR) team, which is primarily known for its work on operating system security foundations across all of Apple’s products, including the Mac, iPhone, iPad, Apple Watch, and Apple TV.
For their diligent work and responsible disclosure of the security vulnerability, Google awarded the SEAR team a bug bounty of $15,000. This practice of compensating external contributors for identifying vulnerabilities is not uncommon in the tech industry, but it has raised eyebrows among users who find it unusual that Google would pay Apple for successfully breaching the security of its own web browser.
Google has confirmed the vulnerability and has chosen to withhold detailed technical information about it until a significant number of Chrome users have applied the update. According to the Vulnerability Database, a platform specializing in threat intelligence, exploiting the bug successfully requires user interaction, and currently, there are no known exploits available.
This incident underscores the importance of ongoing security efforts and the value of responsible reporting of issues related to third-party products. It also highlights the collaborative nature of the tech industry in ensuring the safety and security of users worldwide.