The MWR team included Nils -- a young German who is known only by his first name -- and Jon Butler. Nils has his own Pwn2Own history: He won $10,000 by hacking Mozilla's Firefox in 2010, and $15,000 the year before for exploiting Firefox, Internet Explorer 8 (IE8) and Apple's Safari.
Google patched the Nils/Butler Chrome bug last Thursday, about 24 hours after the company's security team received the vulnerability information and a working exploit. The Windows kernel flaw they also used in their attack was passed along to Microsoft for analysis and patching.
Pinkie Pie, whose prior hacking has been called "works of art" by Google engineers, got another shout-out from the company today.
"We'd like to thank Pinkie Pie for honoring the spirit of the competition by disclosing a partial exploit at the deadline, rather than holding on to bugs in lieu of an end-to-end exploit," said Google's Evans. "This means that we can find fixes sooner, target new hardening measures and keep users safe."
Google also runs bug bounty programs for Chrome and its Web properties, including youtube.com and google.com. Bounties for both programs were boosted last summer, with payments increased to as much as $20,000 for remote code vulnerabilities in its core domains.
Today, Google said that the total pay-out from its contests and bounty programs has exceeded $900,000.
HP TippingPoint, which co-sponsored Pwn2Own with Google this year, awarded several other prizes to researchers, including $250,000 to Vupen, a French vulnerability research and bug-selling firm, for hacking IE10, Firefox, and Adobe's Flash Player and Reader plug-ins.
Altogether, Pwn2Own issued checks totaling $480,000 to participating researchers.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His email address is gkeizer@computerworld.com.
