The security firm Zerodium announced an increase in bounty prices for zero day exploits with the top prize now being $1.5 million for and Apple iOS 10 remote jailbreak, a $1 million increase.
While the Apple prize is by far the largest, Zerodium also doubled the reward for an Android 7 jailbreak to $200,000 and increased the payday for a Flash (RCE) plus sandbox escape to $100,000, a $20,000 increase. The other changes include.
Product/Exploit Type | New Price | Previous Price |
MS Edge + IE (RCE) + sandbox escapote | $80,000 | $50,000 |
Safari on Mac (RCE) +sandbox escape | $80,000 | $50,000 |
OpenSSL or PHP (RCE) | $50,000 | $40,000 |
MS Windows Reader App (RCE) | $50,000 | $30,000 |
MS Office Word/Excel | $40,000 | $30,000 |
Zerodium markets itself as independent researcher firm that rewards people for their zero-day discoveries. It then analyzes, documents, and provides all acquired security information, along with protective measures and security recommendations, to its clients.