Pages

Friday, May 18, 2012

Google Again Pays for a Discovered Vulnerability

Not so long ago a vulnerability was discovered in one of Google’s services, which would have allowed an attacker to perform a remote command execution on the target system; for example, download and run programs, read and modify files, or retrieve data from the DBMS. This vulnerability was discovered by an expert of Positive Research, Dmitry Serebryannikov, and was eliminated by the joint efforts of experts of the research center and the Google Security Team. The work done has been featured by the Google team as part of their Vulnerability Reward Program, and rewarded by a prize due for such significant discoveries.

The vulnerability had arisen due to a lack of recent updates of third-party software, a "patch" for which was available in the public domain for nearly two years - though that is most often where problems are found with Google applications of in-house design.

Security Bounty Programs, which Google famously offers, are popular among researchers due to the high professionalism of the team, treatment when considering suggestions, speed of vulnerability scanning and ease of obtaining compensation.

This is far from being the only one example of cooperation between Positive Technologies and Google. In 2010, the Corporation of Good had already noted the merits of experts at the research center Positive Research in its Security Hall of Fame, in gratitude for their help in improving the company’s security services.

3 comments:

  1. I have read your blog and i got a very useful and knowledgeable information from your blog.its really a very nice article.You have done a great job . If anyone want to get Best iOS training institutes in Chennai, Please visit Greens Technologies located at Chennai Adyar which offer Best IOS Training in Chennai.Your information about scripts is really interesting. Also I want to know the latest new techniques which are implemented in selenium. Can you please update it in your website? iOS Training

    ReplyDelete
  2. I have read your blog and i got a very useful and knowledgeable information from your blog.its really a very nice article.You have done a great job . If anyone want to get Best Oracle training institutes in Chennai, Please visit Greens Technologies located at Chennai Adyar which offer Best Oracle Training in Chennai.

    ReplyDelete