Subj : Google says an Apple employee found a serious Chrome zero-day, bu To : All From : TechnologyDaily Date : Fri Jul 21 2023 12:45:03 Google says an Apple employee found a serious Chrome zero-day, but did not report it Date: Fri, 21 Jul 2023 11:34:21 +0000 Description: Its only by luck that another team notified Google of a Chrome bug amid reports that an Apple employee failed to share the warning. FULL STORY ====================================================================== An Apple employee knew about a bug in the Chrome browser but did not report it to Googles developers, reports have claimed. A comment on the Chromium bug report site instead credits another individual for notifying Google, noting, This issue was reported by sisu from CTF team HXP and discovered by a member of Apple Security Engineering and Architecture (SEAR) during HXP CTF 2022, which will be acknowledged in the security fix notes for the appropriate Stable channel release at the time they are updated. At the time, the bug was a zero-day, however a TechCrunch report says that Googles $10,000 bug bounty was awarded to the individual who reported the bug, not the Apple employee who discovered the bug. Chrome bug left unreported by Apple employee Usually, tech companies work together to notify each other of bugs in the interest of cybersecurity, despite going head-to-head in other aspects of business. Read more > These are the best malware removal tools > Chrome's third exploited zero-day this year has also been fixed > A host of malicious Google Chrome extensions with 75 million installs have been removed Gallileo, an individual claiming to be the Apple employee in question on a Discord channel viewed by TechCrunch , said: It was reported on June 5th, through my company. Yes it was late, there are multiple reasons for that. I first had to find the person responsible, the report had to be signed off by people and then the person responsible was [out of office]. Its commendable that chrome decided to fix it asap, but I think there wasnt any real urgency. On the flip side, the individual responsible for breaking the news to Chromium developers said: TBH, I have not looked into the issue since I did not discover the bug. However, I'm not 100% sure it was reported to the chromium team, so I wanted to be safe This report is to ensure it gets handled in case team COPY has not yet reported it. TechRadar Pro asked both companies - Google and Apple - for more information about the miscommunication. Neither immediately responded to our request. Check out the best firewalls Via TechCrunch ====================================================================== Link to news story: https://www.techradar.com/pro/google-says-an-apple-employee-found-a-serious-ch rome-zero-day-but-did-not-report-it --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .