An Apple employee discovered a zero-day vulnerability in Chrome but failed to report it to Google in a timely fashion.
A zero-day vulnerability is a software flaw that was unknown to the developer or vendor before they were alerted about it; this means that they had « zero-days » to fix it. Normally, a company that finds a zero-day vulnerability would tell the developer or the vendor even if they worked for a rival outfit. Why? Because it helps stop a malicious hacker, it helps clean up the industry, and because the company never knows when it might be on the other side of such a situation.The other day, per 9to5Mac, an Apple employee discovered a zero-day vulnerability in Google Chrome but did not immediately report it to Google. When discussing the update to the Chrome Browser to fix the zero-day vulnerability, Google pointed out that the bug was discovered during a hacking competition called « Capture The Flag » (CTF) back in March.
Home
United States
USA — IT Apple employee failed to immediately report zero-day Chrome vulnerability to Google