New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown

March 19, 2018

In the wake of the Meltdown and Spectre flaws, Microsoft has rolled out a new bug bounty program targeting speculative execution side channel vulnerabilities.

The limited time program is open until December 31, and offers up to $250,000 for identifying new categories of speculative execution attacks that Microsoft and other industry partners are not yet aware of.

Speculative execution side channels are a hardware vulnerability class that affects CPUs from multiple manufacturers. The vulnerabilities were thrust into the spotlight in January after it was disclosed that there are three variants of the issue, dubbed Spectre and Meltdown, that could potentially enable hackers to access users’ data.

Read More on Threat Post