Hello Guest, welcome to torrentinvites.org - Your #1 source for Torrent Invites!
CLICK HERE to register for free and gain full access to TI.org!
Torrent Invites! Buy, Trade, Sell Or Find Free Invites, For EVERY Private Tracker! HDBits.org, BTN, PTP, MTV, Empornium, Orpheus, Bibliotik, RED, IPT, TL, PHD etc!
1Likes
-
1
Post By Laxus
-
Microsoft expands bug bounty program to cover any Windows flaw
Now every part of Windows is covered by a bug bounty scheme.
Microsoft today announced a new bug bounty scheme that would see anyone finding a security flaw in Windows eligible for a payout of up to $15,000.
The company has been running bug bounty schemes, wherein security researchers are financially rewarded for discovering and reporting exploitable flaws, since 2013. Back then, it was paying up to $11,000 for bugs in Internet Explorer 11. In the years since then, Microsoft's bounty schemes have expanded with specific programs offering rewards for those finding flaws in the Hyper-V hypervisor, Windows' wide range of exploit mitigation systems such as DEP and ASLR, and the Edge browser.
Many of these bounty programs were time limited, covering software during its beta/development period but ending once it was released. This structure is an attempt to attract greater scrutiny before exploits are distributed to regular end-users. Last month, the Edge bounty program was made an on-going, continuous scheme no longer tied to any particular timeframe.
The bounty scheme announced today does not replace those focus areas. Edge, the Windows mitigation techniques, Hyper-V, and Windows Defender App Guard all have their own focused bounty schemes. Rather, it acts as a catch-all for the rest of Windows. A researcher finding and reporting a remote code execution flaw in Windows with a high quality proof of concept can find themselves eligible for a $15,000 payout. Elevation of privilege can yield $10,000, and even information disclosure, denial of service, and spoofing can produce rewards of up to $5,000.
The targeted schemes can be more lucrative. A full exploit for Hyper-V that enables a malicious or attacker controlled virtual machine to cause the hypervisor itself to execute arbitrary code will produce a payout of up to $250,000. An exploit that can bypass the full range of exploit mitigation techniques can earn up to $100,000.
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules