The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Microsoft offers bug bounties for Spectre, Meltdown flaws

2018-03-16 15:39 by
Tags: , ,

 

Microsoft is offering bug bounties for a limited time to security researchers who uncover speculative execution side channel vulnerabilities like Spectre and Meltdown.

These two vulnerabilities have been causing quite a stir over the last several months. They impact almost all CPUs in use today to one extent or another, including Intel, AMD, and ARM processors going back a decade or so. Fixing the bugs, which involve "speculative execution" that is used to speed up processing, has caused system crashes, reboots, and poor performance, and Intel in particular has struggled to create a stable solution.

The company wants to encourage security researchers to responsibly disclose any potential CPU flaws, and up to $250,000 is probably a good way to achieve that. Microsoft also offers up to $250,000 for serious Hyper-V flaws in Windows 10.

"Speculative execution is truly a new class of vulnerabilities," says Phillip Misner, a security group manager at Microsoft. "We expect that research is already underway exploring new attack methods."

Intel similarly opened a nine-month bug bounty program for Spectre/Meltdown-like flaws last month. It is also offering up to US$250,000 for the most serious discoveries.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About