Google recognizes 360 as the largest contributor of its vulnerability report program

Sep 21, 2017360TS

Google just released the latest Android Security Bulletin and addressed 45 security vulnerabilities, of which 28 were found by 360 Security teams.

360, recognized by Google, is the largest contributor of vulnerability report program

360 Security teams reported high-severity vulnerabilities in Broadcom components

There are 6 teams from 360 recognized by Google in September, reporting 28 security vulnerabilities in total, including 10 from 360 Alpha Team,  6 from 360 Chengdu Security Response Center, 5 from 360 Core Team, 4 from 360 Vulpecker Team, 2 from 360 IceSword Lab and 1 from 360 QEX Team, respectively.

According to Guang Gong from 360 Alpha Team, some of the 360 reported vulnerabilities are labeled “high-severity”. These vulnerabilities affect Broadcom Wi-fi drivers, allowing a proximate attacker to use a specially crafted file to execute arbitrary code within the context of a privileged process.

360 Security teams reported high-severity vulnerabilities in Broadcom components

360 Security, the largest contributor to Google’s vulnerability disclosure program

Google has been running the Vulnerability Reward Program for years. By encouraging external security researchers to report vulnerabilities of it’s own services, Google can fix these issues and push security patches to end users as quickly as possible.

Ever since Google started to credit security researchers in 2015, 360 Security teams have been the most active contributors, already reporting a cumulative amount of 372 vulnerabilities affecting Android devices and the Chrome browser.

A mission to bring security to every user in our digital age

Currently, 360 has built the largest and most advanced security innovation center in the asian-pacific region, focusing on developing security systems for services ranging from web, IOT, network, hardware, mobile device to cloud systems.

On its official social network, 360 claims, “We aim to strengthen the digital security of key infrastructures, making every user safer.”