Microsoft starts buying speculative execution exploits

Adds bug bounty class for Meltdown and Spectre attacks on Windows and Azure


Microsoft has created a new class of bug bounty specifically for speculative execution bugs like January's Meltdown and Spectre processor CPU design flaws.

Noting that the Project Zero discoveries “represented a major advancement in the research in this field”, Redmond said the bounties will be available until 31 December 2018.

If someone demonstrates a new speculative execution attack, they'll be eligible for Microsoft's top-rate bounty of up to US$250,000. Bypassing existing Microsoft mitigations for Windows (information disclosure on a fully-patched system) or Azure (reading memory not allocated to the attacker's VM) are worth up to $200,000.


OK, deep breath, relax... Let's have a sober look at these 'ere annoying AMD chip security flaws


A researcher who turns up a new instance of Meltdown or Spectre in Windows 10 or Microsoft Edge can earn up to $25,000, but only if they can demonstrate their exploit can “enable the disclosure of sensitive information across a trust boundary”.

As Phillip Misner of the Microsoft Security Response Centre wrote in the announcement of the new bounties, “we expect that research is already underway exploring new attack methods” in the speculative execution class.

Full terms and conditions for the speculative execution bounty are here.

In the time since the bugs were found, Redmond's had time to understand them better, and has put a detailed post discussing Meltdown and Spectre here. ®

Biting the hand that feeds IT © 1998–2018