Security News > 2020 > October > Google aims to improve security of browser engines, third-party Android devices and apps on Google Play

Google has announced two new security initiatives: one is aimed at helping bug hunters improve the security of various browsers' JavaScript engines, the other at helping Android OEMs improve the security of the mobile devices they ship.

"JavaScript engine security continues to be critical for user safety, as demonstrated by recent in-the-wild zero-day exploits abusing vulnerabilities in v8, the JavaScript engine behind Chrome. Unfortunately, fuzzing JavaScript engines to uncover these vulnerabilities is generally quite expensive due to their high complexity and relatively slow processing of input," noted Project Zero's Samuel Groß.

The company is also set on improving the security of the Android ecosystem, and to that point it's launching the Android Partner Vulnerability Initiative.

"Until recently, we didn't have a clear way to process Google-discovered security issues outside of AOSP code that are unique to a much smaller set of specific Android OEMs," the company explained.

Simultaneously, the company has is looking for a Security Engineering Manager in Android Security that will, among other things, lead a team that "Will perform application security assessments against highly sensitive, third party Android apps on Google Play, working to identify vulnerabilities and provide remediation guidance to impacted application developers."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/FwUiLb3cy88/