Skip to main content
  1. Home
  2. Computing
  3. News

Apple finally expands its bug bounty program to accept MacOS bugs

By

Apple’s 3-year-old bug bounty program has finally, officially expanded to accept bug submissions from other Apple ecosystem platforms, including MacOS. The technology company announced its plans for the expansion just a few months ago, during the Black Hat cybersecurity conference. Apple appears to have launched the expansion of its Security Bounty program on Thursday, December 19, via a new webpage published on its site that provides further details on the updated program.

The Apple Security Bounty program is essentially a program in which Apple incentivizes security researchers to find bugs in Apple’s various operating systems and report them to the company in exchange for a pretty sizable monetary reward. As ZDNet notes, when the program was first launched in 2016, it only accepted bug reports for iOS bugs from certain researchers who had been invited to participate in the program. But as of this week, the Security Bounty program has officially expanded to not only accept MacOS bugs, but also bugs from other Apple operating systems, and it now allows the participation of all security researchers.

Recommended Videos

The newly published webpage on Apple’s website provides details on the current iteration of the Security Bounty program, including eligibility guidelines, bounty categories (and their associated maximum rewards), and instructions on how to submit a bug report. There’s even a separate page that lists example payouts for different kinds of bugs.

Related

In addition to MacOS bugs, the program officially accepts bug reports for iOS, iPadOS, tvOS, and WatchOS. There doesn’t appear to be any MacOS specific-guidelines for submitting bug reports about it, but generally speaking, in order to be eligible for a bounty, researchers must follow three main guidelines:

  1. You have to be the first one to report the bug to Apple Product Security.
  2. A report must be submitted and it should be “clear” and contain “a working exploit.”
  3. You can’t publicize the bug until “Apple releases the security advisory for the report.”

It’s also worth noting that if the bug has “significant impact to users,” Apple will still take it into consideration for a bounty payment even if it doesn’t “fit the published bounty categories.” Also, the bounties themselves aren’t tiny. In fact, the smallest example payout listed was $25,000 and the largest payout appears to be $1 million.

Editors’ Recommendations

Topics
Anita George
Anita George
Computing Writer
Anita George has been writing for Digital Trends' Computing section since 2018. So for almost six years, Anita has written…
A new malware threat to macOS adds to the data-stealing surge
Apple MacBook Pro 16 downward view showing keyboard and speaker.

If you still think Macs are inherently safe from malware, think again.

Mac users have another threat to worry about. Cthulhu Stealer, a new Mac malware threat, tries to steal sensitive data such as passwords and cryptocurrency wallets, Cado Security reports in a blog post. The malware threat disguises itself as authentic software to gather login credentials.

Read more
I finally tried Apple Intelligence in macOS Sequoia to see if it lived up to the hype
The redeisgned Siri user interface in macOS Sequoia.

For the last few years, Apple’s macOS releases have been interesting, if not particularly exciting. But that’s all set to change this year with the launch of macOS Sequoia, and it’s all thanks to one feature: Apple Intelligence.

Apple’s artificial intelligence (AI) platform has the potential to completely change how you use your Mac on a daily basis. From generating images, rewriting emails, and summarizing your audio recordings to revamping Siri into a much more capable virtual assistant, Apple Intelligence could be the most significant new macOS feature in years.

Read more
You can finally try out Apple Intelligence on your Mac. Here’s how
macOS Sequoia being introduced by Apple's Craig Federighi at the Worldwide Developers Conference (WWDC) 2024.

The second developer beta of macOS Sequoia is open for business and it includes Apple Intelligence features. It looks like anyone can try it out as long as you're not in China. That includes people in the EU -- even though the AI features might not launch there right away. The features available for testing include Writing Tools, Siri, Safari and Mail summaries, Smart Replies, Memory Movies, transcription features, Reduce Interruptions Focus Mode, and a few more. If you want to have a look yourself, here's everything you need to do to download the beta and activate Apple Intelligence.

Before you start, make sure you've backed up your Mac with Time Machine so you can restore the previous version if anything goes wrong. You can also use a secondary device if you have another Apple silicon Mac lying around because beta versions can go wrong and you have to download them at your own risk.

Read more