The Google Chrome browser bounty program was launched in 2010. To date, thanks to this program, developers have received about 8500 reports from users, and the total amount of rewards has exceeded $5 million.
Now it has become known that Google has increased the fee for detecting serious vulnerabilities in its own browser. The program includes versions of Chrome for current versions of the software platforms Windows, macOS, Linux, Android, iOS, as well as Chrome OS.
The reward for detecting standard vulnerabilities can reach $15, while previously the maximum fee was $000. A high-quality report related to cross-site scripting will allow you to get up to $5000 thousand. If the user provides data about a vulnerability that allows execution of third-party code, the fee can be up to $20. Other vulnerabilities related to sandbox process memory anomalies, disclosure of confidential user information, escalation of platform privileges, etc. will be paid depending on the importance , and the reward amount can vary from $30 to $000.
Google also announced an increase in payments under the Chrome Fuzzer Program, which allows research activities to be carried out on a large number of devices. Payments under this program have been increased to $1000. Google is probably trying to stimulate the work of researchers, which will make the Chrome browser more secure.
Source: 3dnews.ru