Cyber Web Spider Blog – News

Apple Bug Bounty Update: Top Payout $2 Million, $35 Million Paid to Date

Posted on October 10, 2025 By CWS

Apple on Friday announced significant updates to its bug bounty program, and the company is now offering up to $2 million for complex exploit chains.

Since the launch of its public bug bounty program in 2020, Apple has awarded a total of more than $35 million to over 800 security researchers. Several hackers earned $500,000 for their work, Apple said.

The tech giant recently unveiled Memory Integrity Enforcement (MIE), an always-on memory-safety protection for iPhones designed to combat sophisticated attacks such as the ones conducted by mercenary spyware vendors.

Apple believes these spyware attacks are the only ones that actually pose a significant threat to its customers, and the company now wants to boost the security of its products even further against sophisticated attacks.

It is doing this by harnessing offensive security expertise from outside the company, specifically by significantly increasing bug bounties for vulnerabilities such as the ones that can be leveraged in the exploit chains of mercenary spyware attacks.

Specifically, the top reward for a zero-click exploit chain that achieves remote device compromise has been increased from $1 million to $2 million. Apple pointed out that this is the base pay and researchers can in theory get as much as $5 million if they earn bonuses for Lockdown Mode bypasses and vulnerabilities discovered in beta software.

Apple noted in a call with reporters on Thursday that for someone to earn a $5 million reward is not easy or likely, but it is theoretically possible.

Apple is also significantly increasing bug bounty payouts for an application sandbox escape (from $150k to $500k), attacks requiring physical access to a locked device (from $250k to $500k), wireless attacks requiring physical proximity (from $250k to $1M), and remote hacking that requires one-click user interaction (from $250k to $1M).

The company has also announced that one-click attacks via the web browser, which have to bypass its WebKit protections, will be rewarded with up to $300,000 if they can achieve code execution with a sandbox escape. The reward can increase up to $1 million if the exploit chain is taken even further to achieve unsigned code execution with arbitrary entitlements.

The tech giant is also boosting rewards for categories where no exploit has been demonstrated to date, such as a Gatekeeper bypass on macOS ($100,000) and unauthorized iCloud access ($1 million).

The new payouts will go into effect in November 2025.

Apple on Friday also introduced a concept that involves flags, similar to capture-the-flag (CTF) competitions. These so-called ‘Target Flags’ are meant to make it easier for researchers to objectively demonstrate their findings and to know what reward they should expect for their report.

“When researchers demonstrate security issues using Target Flags, the specific flag that’s captured objectively demonstrates a given level of capability — for example, register control, arbitrary read/write, or code execution — and directly correlates to the reward amount, making the award determination more transparent than ever,” Apple explained.

“Because Target Flags can be programmatically verified by Apple as part of submitted findings, researchers who submit eligible reports with Target Flags will receive notification of their bounty award immediately upon our validation of the captured flag,” it added.

Target Flags are supported on iOS, iPadOS, macOS, visionOS, watchOS, and tvOS.

Apple also announced that exceptional research will continue to receive bonuses, and it has decided that even low-impact vulnerabilities may be rewarded with $1,000 to encourage researchers to continue reporting their findings.
