Apple employee spot a zero-day bug in Chrome but didn’t report to Google


New Delhi, Jul 21 (IANS): An Apple employee discovered a zero-day bug in Google Chrome but did not report it as part of a competition. The bug was, in fact, reported by someone else which was later fixed by Google.

The bug was originally found by an Apple employee who was participating in a Capture The Flag (CTF) hacking competition in March, reports TechCrunch.

However, the Apple employee did not report the zero-day bug, meaning Google wasn’t aware of the bug and no patch had been issued yet.

“This issue was reported by sisu from CTF team HXP and discovered by a member of Apple Security Engineering and Architecture (SEAR) during HXP CTF 2022,” the Google employee wrote in the official Bugs blog.

A Google spokesperson said that their understanding is public in the bug.

“We recommend reaching out to Apple for any further details,” the spokesperson was quoted as saying.

Apple did not comment on the report.

It’s not uncommon for CTF teams and CTF players to find zero-days during such competitions.

This bug was apparently discovered during the course of an independent CTF.

Neither Chrome, Google, or the ANGLE team was made aware of this issue via other sources at or prior to it being disclosed.

  

Top Stories


Leave a Comment

Title: Apple employee spot a zero-day bug in Chrome but didn’t report to Google



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.