Google has announced that it’s increasing its maximum rewards for reporting Chrome security bugs – doubling and even tripling some of its baseline rewards.
Google created its Chrome Vulnerability Rewards Program back in 2010 to pay researchers rewards for finding and reporting security bugs that keep users safe on its Chrome browser. The program has so far received over 8,500 reports and has paid eagle-eyed researchers over $5 million.
Over the last nine years, Google has also extended the rewards program to full chain exploits on Chrome OS, and the Chrome Fuzzer Program. Now, it’s announcing an increase in the program’s reward amounts, tripling its maximum baseline amount from $5,000 to $15,000 and doubling its maximum amount for “high-quality reports” from $15,000 to $30,000.
Furthermore, it’s also doubling the bonus given for bugs found by “fuzzers” ( under the aforementioned Chrome Fuzzer Program, to $1,000.
In order to help researchers get the maximum amounts, Google has clarified what it considers to be a high-quality report, and has updated its bug categories to “better reflect the types of bugs that are reported” and the ones it is most interested in having reported.
In reference to Chrome OS, Google is also increasing its standing reward for exploit chains that may affect Chromebook or Chromebox in guest mode. The standing reward for exploit chains in this category is now $150,000.
All new reward amounts will apply to bugs that are submitted on the Chromium bug tracker using the Security template. You can find out more about the rules of the program and further details, here.
You might also like
More from Google
Google is testing a new process that uses AI and your website's assets to automatically create videos that you can …
Google has published 5 shifts in shopping behavior, to help retailers take action and prepare for the holiday season.
Google Assistant driving mode has been appearing on some Android devices lately, which means that full rollout may be near.