According to Forbes, Apple’s Security Engineering and Architecture team discovered the bug and reported it to Google for discovery and disclosure.
Google paid Apple $15,000 as a bug bounty for discovering a high-severity security vulnerability in the Chrome web browser.
In its latest Chrome update, Google confirmed 11 security fixes resulting from vulnerability reports by external contributors.
Apple’s SEAR team is in charge of laying the groundwork for operating system security across all of the company’s product lines. According to the report, if they come across anything related to a third-party product as part of this ongoing security process, they will make a responsible disclosure. The CVE-2023-4072 flaw is caused by an out-of-bounds read and write bug in Chrome’s WebGL implementation.
Access to bug details and links may be restricted until the majority of users have received a fix. We will also retain restrictions if the bug exists in a third-party library on which other projects rely but have not yet fixed, according to Google.