sb-au logo
Story image

US$250,000 up for grabs with Microsoft’s bug bounty

19 Mar 2018

Microsoft has placed a quarter of a million dollar bounty on bugs with the Speculative Execution Side Channel Bounty Program.

Speculative Execution Side Channels are a hardware vulnerability class that affects CPUs from multiple manufacturers.

Through this program, people will have the opportunity to submit novel speculative execution side channel vulnerabilities and mitigation bypasses that affect Microsoft’s latest Windows and cloud platforms.

Qualified submissions are eligible for payment of up to USD$250,000. All bounties will be awarded at Microsoft's discretion.

The qualifying submissions will also be shared with industry partners in order to coordinate disclosure and protections for customers.

There are some Ts & Cs that you should be aware of if you are intending to submit and Microsoft asks that if the technique was involved or witnessed in an actual attack that the information is included in the submission.

Eligible vulnerability submissions must include a white paper or a brief document explaining the exploitation method and must target a particular scenario.

They must also demonstrate and describe an exploitation method that is reliable, reasonable, impactful, novel, and for the latest version of their software.

There are four tiers of submission, the lowest being ‘Exploitable speculative execution vulnerabilities’ which are eligible for up to USD$25,000,

‘Windows speculative execution mitigation bypass’ then ‘Azure speculative execution mitigation bypass’ follow, which can both net up to USD$200,000.

The top tier is ‘New categories of speculative execution attacks’ which max out at the full $250,000.

Additional factors that are considered when assessing payouts include how broadly applicable the side channel attack may be, the perceived level of difficulty and reliability in making use of the technique, and the overall impact of the attack.

The aim of the bug bounty program is to uncover novel vulnerabilities that have a direct and demonstrable impact on the security of users and our users' data.

The following are examples of vulnerabilities that will not earn a bounty reward under this program:

  • Tier 3 and 4 vulnerabilities in anything earlier than the current WIP fast build
  • Vulnerabilities in any versions of Internet Explorer
  • Vulnerabilities in any versions of Adobe Flash
  • Microsoft Edge Timer mitigation bypasses of variant 1 (Tier 4)

Microsoft has also said that they reserve the right to reject any submission.

Story image
Shlayer malware proves Apple devices aren't as secure as you think
"Apple never talks about malware publicly, and loves to give the impression that its systems are secure. Unfortunately, the opposite has been proven to be the case with great regularity."More
Link image
Gartner report: Why SD-WAN is becoming the de-facto option
Network service providers are increasingly challenged by established and new competition in the overlay SD-WAN management as well as in the underlay WAN transport, the report says.More
Story image
Fortinet’s ‘zero trust’ approach redefining security
Cornelius Mare, Fortinet A/NZ Director, Security Solutions, explains why taking a ‘zero trust network access’ approach to cybersecurity requires fully-integrated and comprehensive security services and policies.More
Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Link image
Why it's crucial to normalise proper security training for remote working
Knowing and implementing best practices for remote security can save money, time and headaches. It starts with a quality solution to safeguard the workforce.More
Story image
75% of IT execs 'worried' about being targeted in cyber-attack
A new report from ConnectWise has shed light on the widespread concern about cyber-attacks, with 91% of SMB executives considering a move to an MSP if it provided the 'right' solution.More