Google has announced that it’s increasing its maximum rewards for reporting Chrome security bugs – doubling and even tripling some of its baseline rewards.
Google created its Chrome Vulnerability Rewards Program back in 2010 to pay researchers rewards for finding and reporting security bugs that keep users safe on its Chrome browser. The program has so far received over 8,500 reports and has paid eagle-eyed researchers over $5 million.
Over the last nine years, Google has also extended the rewards program to full chain exploits on Chrome OS, and the Chrome Fuzzer Program. Now, it’s announcing an increase in the program’s reward amounts, tripling its maximum baseline amount from $5,000 to $15,000 and doubling its maximum amount for “high-quality reports” from $15,000 to $30,000.
Furthermore, it’s also doubling the bonus given for bugs found by “fuzzers” ( under the aforementioned Chrome Fuzzer Program, to $1,000.
In order to help researchers get the maximum amounts, Google has clarified what it considers to be a high-quality report, and has updated its bug categories to “better reflect the types of bugs that are reported” and the ones it is most interested in having reported.
In reference to Chrome OS, Google is also increasing its standing reward for exploit chains that may affect Chromebook or Chromebox in guest mode. The standing reward for exploit chains in this category is now $150,000.
All new reward amounts will apply to bugs that are submitted on the Chromium bug tracker using the Security template. You can find out more about the rules of the program and further details, here.
More from Google
Google is bringing a new shopping section to mobile Search in the U.S., featuring clothes, shoes, and accessories from across …
To help website owners optimize their sites for Google Search, Google is rolling out a new Search Console training video …
Google Ads is making parallel tracking mandatory for Video campaigns. Parallel tracking is already mandatory for Search, Shopping, and Display campaigns.