Despite initial reports to the contrary, Google has acknowledged that its web-centric Chrome OS was partially exploited at its Pwnium 3 hacking contest two weeks ago by a researcher known as “Pinkie Pie.”
According to Google engineer Chris Evans, Pinkie Pie submitted a “plausible bug chain involving video parsing, a Linux kernel bug and a config file error” in Chrome OS.
Unsurprisingly, this isn’t the first Google contest won by Evans, as he managed to claim $120,000 from the first two Pwniun contests, winning $60,000 in March and October, respectively.
Mountain View confirmed it had patched the two vulnerabilities identified by Pinkie Pie in an update that rolled out this past Friday.
“We’d like to thank Pinkie Pie for honoring the spirit of the competition by disclosing a partial exploit at the deadline, rather than holding on to bugs in lieu of an end-to-end exploit,” added Evans.
“This means that we can find fixes sooner, target new hardening measures and keep users safe.”