As part of the Pwnium competition currently being run in Canada, Google has put together a $1 million prize pot for users to flag up flaws in Chrome and other browsers, including Firefox, Safari and Internet Explorer.
Sergey Glazunov uncovered a fault in Chrome that enabled him to run unauthorised code on fully-patched Windows 7 computers, reports Sophos' Naked Security blog.
The Russian tech expert said that the remote code execution vulnerability could be utilised by hackers and cyber-criminals to take control of a user's computer after persuading them to visit a rogue web link.
At the Pwnium competition staged by Google at the CanSecWest conference in Vancouver, Glazunov scooped the maximum prize available of $60,000 as the fault he found applies just to Chrome.
The US firm is also paying out $40,000 for any flaws affecting Chrome and other browsers, as well as $20,000 for hackable bugs found only in other browsers and devices.
Sundar Pichai, a senior vice-president at Google, said that the firm was now working on a fix for the flaw found by Glazunov, and would soon roll a patch out to users.
In a message posted last night on the Chronium Google+ page, Pichai wrote: "Congrats to long-time Chromium contributor Sergey Glazunov who just submitted our first Pwnium entry.
"Looks like it qualifies as a 'Full Chrome' exploit, qualifying for a $60k reward. We're working fast on a fix that we'll push via auto-update."
He added: "This is exciting; we launched Pwnium this year to encourage the security community to submit exploits for us to help make the web safer. We look forward to any additional submissions to make Chrome even stronger for our users."
It is understood that Glazunov is the only person so far to get a payment from Google's $1m Pwnium prize pot.
> Google adds 'do not track' button to Chrome