Google Pays Out Over $100,000 for Vulnerabilities Patched With Chrome 97 Update


A total of 22 vulnerabilities addressed with the latest Chrome refresh were reported by external researchers, including one critical-severity, 16 high-severity, and five medium-severity issues.

There were 12 use-after-free bugs reported externally, impacting Safe Browsing, Site isolation, Web packaging, Omnibox, Printing, Vulkan, Scheduling, Text Input Method Editor, Bookmarks, Optimization Guide, and Data Transfer.

The most important of these security errors is CVE-2022-0289, a critical use-after-free flaw in Safe Browsing that could be exploited to achieve arbitrary code execution. The bug was found by Sergei Glazunov of Google Project Zero.