A few days ago the users and reviewers criticised Google for multiple vulnerabilities in Android after the exploit in Wi-Fi WPA 2 discovered. Today, Microsoft revealed that they discovered an exploit in Chrome, Microsoft also criticizes Google’s approach towards the users’ security.
A few days ago, Google claimed that Microsoft is revealing the vulnerabilities in the older version of Windows when they patch Windows 10. Google suggested that Microsoft should patch all versions of Windows together as when they patch Windows 10 before old Windows, the attackers can discover the ways to use the exploit.
Now, Microsoft has revealed some exploits in Google Chrome and even received the bounty of $15,837. The Offensive Security Research (OSR) used fuzzer to find the vulnerabilities and finally discovered the remote code execution exploit in Chrome, the remotely exploitable security flaw has been finally addressed by Google.
Microsoft criticizes Google for the way they handle the reported vulnerabilities, the company explains that Google’s servicing process for vulnerabilities might result in the public disclosure of the problem leaving the customers open to attacks. The RCE exploit could have allowed the hackers to access the sensitive information such as saved credentials, banking sessions and even email, Microsoft explains.
Microsoft notes that it took Google a month to address the vulnerability in the public version of Chrome while they patched the security problem within a week in Chrome beta. “We responsibly disclosed the vulnerability that we discovered along with a reliable remote code execution exploit to Google on September 14, 2017,” Microsoft explains.
Google has however finally patched the security bug, the company also awarded the Microsoft Offensive Security Research team a bounty of whooping $15,837, the amount was later donated to Denise Louie Education Center.