Google just released Chrome version 78.0.3904.87 for Windows, Mac, and Linux.
And it closes a Zero Day vulnerability that is being used by attackers.
There are no details, yet, on the exploit.
Google pays security researchers
The Google team says the latest version of Chrome addresses two security bugs. Google paid one researcher $7,500, but the payout for the researchers who discovered the Zero Day that is in use is listed as TBD.
And saying thank you is always free.
"We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel."
Read (a small amount) more: Google Chrome Releases statement
How do bug bounty programs work?
This out of band security update from Google is evidence that bug bounty programs are working.
What is the impact on the threat landscape? And how do these security research programs work? Plus, how much do white hat hackers get paid?
We posed these questions to Brian Gorenc who leads the Zero Day Initiative, which is the world's largest vendor agnostic bug bounty program.
Listen to our interview with Gorenc on The SecureWorld Sessions podcast: