Now that the annual Pwn2Own hacking contest is around the corner, both Google and Mozilla are busy patching flaws in their respective browsers to appear competent in the contest.
Both internet giants have reportedly updated their browsers for the contest that is due to take place next week at the CanSecWest Applied Security Conference. Google patched 19 flaws in its Chrome and rated 17 of them as “high” whereas the other three as “Medium”.
Mozilla followed Google’s step and introduced patches for 10 flaws in its Firefox. It classified eight of the security flaws as “critical” whereas it rated others as “Moderate” and “High” respectively.
Google rewarded the researchers who fixed the bugs with an attractive sum, the highest being $1,000. The patching was carried out in different areas including an integer overflow during the process of textarea handling. Google’s URL bar spoof was also updated.
The major flaw that was updated by Firefox consists of a bug that if activated by a corrupted JPEG file could lead to a crash. The bug was detected by Jordi Chancel, a security researcher at the company. Mozilla warned that the bug is of critical nature and an attacker can use it to craft a corrupted JPEG image that would install a malicious code in the memory. This can cause a crash when it is later executed on the victim’s device. Other critical bugs were also rectified by Firefox.
Both Google and Mozilla introduced the modifications in wake of the Pwn2Own contest that will start from March 9 and go on till March 11. The contest is aimed at checking the technical righteousness of popular browsers. The contest is also applicable to latest tech gadgets like the Apple iPhone.