Bug hunters collect $16,500 from Chrome 11 launch

Google has paid out handsomely to developers who helped prep Chrome 11 for launch.

As part of the online giant’s long-running initiative to give money to people who report glitches in its software, a total of $16,500 was paid to those who helped make the new Chrome browser as hack-free as possible.

Bugs were paid as follows:

* Medium-risk lack of thread safety in MIME handling ($500)

* High-risk corrupt node trees with mutation events ($1,000)

* High-risk use-after-free in DOM id handling ($1,500)

* High-risk dangling pointers in DOM id map ($2,000)

* High-risk possible URL bar spoofs with navigation errors and interrupted loads ($3,000)

Of the bugs that were found and paid for, 18 were ranked “high,” six were “medium,” and three were “low.” It shouldn’t be seen as though most of the bugs were severe, though, as these numbers are lopsided due to the higher payout ratios.

The $16,500 payment is a record for Google. Previously, the most it had paid in a single day to bug bounty hunters was $16,000.