Microsoft offering $250,000 for identifying bugs related to Meltdown and Spectre CPU flaws

The offering is part of Microsoft's new limited-time bounty programme for "speculative execution" side channel vulnerabilities.

Microsoft is offering up to $250,000 for identifying bugs that are similar to the "Meltdown" and "Spectre" CPU flaws.

The Microsoft logo. Reuters.

The Microsoft logo. Reuters.

The offering is part of Microsoft's new limited-time bounty programme for "speculative execution" side channel vulnerabilities.

"This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field," Microsoft said in a blog post on 16 March.

"In recognition of that threat environment change, we are launching a bounty programme to encourage research into the new class of vulnerability and the mitigations Microsoft has put in place to help mitigate this class of issues," it added.

"Speculative execution is truly a new class of vulnerabilities, and we expect that research is already underway exploring new attack methods," said Phillip Misner, a security group manager at Microsoft.

The bug bounty programme is open till 31 December.

Intel recently confirmed a report about a potential security flaw in its chips that is vulnerable to hacking.

According to security researchers, two CPU-level vulnerabilities "Spectre" and "Meltdown" have affected all chips made in the last two decades by Intel, AMD and AMR.

Following the news of the bugs getting out, all major tech players such as Microsoft, Google, Apple, including Intel, released security patches to help protect users from potential data theft.

Tech2 is now on WhatsApp. For all the buzz on the latest tech and science, sign up for our WhatsApp services. Just go to Tech2.com/Whatsapp and hit the Subscribe button.





Top Stories


also see

science