A CRITICAL GOOGLE CHROME SECURITY BUG WOULD BE ABLE TO PRESENT TO YOU NO UNDER $ 30,000 - ENJOY

Saturday, July 20, 2019

A CRITICAL GOOGLE CHROME SECURITY BUG WOULD BE ABLE TO PRESENT TO YOU NO UNDER $ 30,000


The Google Chrome Vulnerability Rewards Program was released in 2010, and says it received no less than 8,500 reports since then.

Furthermore, the bounties that were offered as part of the program totaled more than $ 5 million.

Now Google is willing to pay even more for Chrome security vulnerabilities, so the maximum amount of reward baselines is increased from $ 5,000 to $ 15,000. Furthermore, the top bounty is now $ 30,000, up from $ 15,000.


Bigger Chrome OS bounties


According to the new reward amounts, if you report a sandbox escape or memory corruption in a non-sandboxed process, you qualify for a bounty between $ 5000 and $ 15,000. At the same time, if your submission is considered a high-quality report, the payment is increased to $ 20,000. Adding a functional exploit in your submission brings a total reward of $ 30,000.

There are also bounties targeting changes offered by Google for Chrome OS vulnerabilities.

"On Chrome OS we're increasing our standing reward to $ 150,000 for exploit chains that can compromise a Chromebook or Chromebox with persistence in guest mode. "Security bug in firmware and lock screen bypasses also get their own reward categories," Natasha Pabrai and Andrew Whalley, Chrome Security Team, say.

The Chrome rewards program is available for Chrome on Windows 7, Windows 8.1, Windows 10, MacOS10 v10.10 +, Linux, Android 4.4+, iOS 7+ and to the current versions of Chrome OS.

The full payments for Chrome bugs are detailed in the table below.

  High-quality report with functional exploit High-quality report Baseline
Sandbox escape / Memory corruption in a non-sandboxed process $30,000 $20,000 $5,000 - $15,000
Universal Cross Site Scripting $20,000 $15,000 $2,000 - $10,000
Renderer RCE / memory corruption in a sandboxed process $10,000 $7,500 $2,000 - $5,000
Security UI Spoofing $7,500 N/A $500 - $3,000
User information disclosure $5,000 - $20,000 N/A $500 - $2,000
Web Platform Privilege Escalation $5,000 $3,000 $500 - $1,000
Exploitation Mitigation Bypass $5,000 $3,000 $500 - $1,000

This article has been published in Softpedia with the title A Critical Google Chrome Security Can Now Bring You Bug No Less than $ 30,000

Bagikan artikel ini

Silakan tulis komentar Anda