Meltdown And Spectre Bounty
The IT corporations must also offer a lot of money accordingly, so that indecisive people do not end up on the dark side of power. In the case of the now-capped Meltdown and Specter blunders, Microsoft can offer up to a quarter of a million dollars if it finds a suitably serious attack scenario and helps to get it out of the way.
The bounty program is limited in time until the end of the year. It has four levels, which differ in the nature and impact of the attack. The simplest is a known speculative executable vulnerability in Windows 10 or Microsoft Edge, which is rewarded with $ 25,000. If you manage to get around a vulnerability in Windows or Azure that you have already closed, you will receive $ 200,000. New categories of speculative executable attacks are worth the most, here you are rewarded for signing up with a bounty of $ 250,000.