Microsoft offers a huge cash reward to stop the next Meltdown or Spectre

News
By
published

Wanted: Dead or alive

Meltdown and Spectre

Microsoft is looking to stamp out future major bugs along the lines of Spectre, with the company offering big money to hunt down these sort of flaws.

Microsoft’s new bug bounty program is specifically for ‘speculative execution side channel vulnerabilities’ like Spectre and Meltdown which affected Intel chips, as well as AMD and ARM processors in the case of the former.

The software giant observed that these represented a new class of vulnerabilities, and a major change in the threat environment, to which its reaction is this new program which will pay up to $250,000 (about £180,000, AU$320,000) for those who discover and disclose such bugs to Microsoft.

The top tier payment of up to $250,000 will be made for the discovery of entirely new categories of speculative execution attacks, with Microsoft paying up to $200,000 (about £145,000, AU$255,000) for the discovery of methods of bypassing Windows’ defenses against existing speculative execution flaws.

Those who find new spins on known speculative execution vulnerabilities with Windows 10 or Microsoft’s Edge browser will be able to bag a reward of up to $25,000 (about £18,000, AU$32,000).

How to protect against Spectre and Meltdown

Meltdown and Spectre

For the latest on how to protect yourself from Spectre and Meltdown, read our comprehensive guide.

Joint effort

Naturally, the hope is that Microsoft will be able to use such early warnings to concoct a fix before any possible vulnerability becomes public. The firm says it will share any findings and research with other affected companies to collaborate on fixes, because “speculative execution side channel vulnerabilities require an industry response”.

Of course, when it came to Spectre and Meltdown, despite collaboration beginning a good half-year before these holes became public knowledge, patching has still been a very haphazard affair. Indeed, fixes for many affected Intel CPUs still haven’t gone live.

Hopefully lessons will have been learned when it comes to future responses to any vulnerability of this category. But clearly, this is a positive step forward by Microsoft, although not an unsurprising one given the seriousness and potential impact of these sort of flaws, as we’ve seen this year.

Via The Inquirer

Darren Allan

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).

Latest in Tech
The best tech of MWC 2025 examples, including the Nothing Phone 3a Pro, the Nubia Flip 2, and the Lenovo Solar PC
Best of MWC 2025: the 10 top tech launches we tried on the show floor
Toy Fair 2025 Primal Hatch
The 7 best toys we saw at Toy Fair 2025, from a Lego boat to a hatching, robotic dinosaur
ICYMI
ICYMI: the 7 biggest tech stories of the week, from a next-gen Alexa to the new iPhone 16e
A triptych image featuring the Beats Powerbeats Pro 2, iPhone 16e and Amazon Echo Show 21.
5 hottest tech reviews of the week: the gorgeous, affordable iPhone 16e and Amazon's epic 21-inch Echo Show
Apple Airtag four pack on orange background with lowest price sign
The Apple AirTags are now even cheaper than Black Friday thanks to a surprise price cut at Amazon
Acer Predator Helios Neo 14 on purple background with big savings text overlay
Portable and powerful, the Acer Predator Helios Neo 14 gaming laptop with an RTX 4070 is $600 off right now
Latest in News
Google Gemini iPhone Lock Screen
You can now access Gemini from your iPhone's lock screen
Michelle, Keats, and Doctor Amherst looking unimpressed and worried in The Electric State
Netflix drops trailer for The Electric State, and I'm getting serious District 9 vibes
YouTube TV
YouTube TV might be planning a big Netflix update that puts the best streaming services first
Google Pixel 9 Pro
Here are the 7 best Pixel 9 and Pixel Watch 3 features landing in March’s Pixel Feature Drop
Bang & Olufsen Beogram 4000C Saint Laurent Rive Droite Edition
Bang & Olufsen's latest reworked turntable is a masterpiece of retro revival, in a breathtaking wooden presentation box
Apple Watch Series 10
Apple unveils new Apple Watch bands – here's what's in the Spring 2025 collection
More about tech
The best tech of MWC 2025 examples, including the Nothing Phone 3a Pro, the Nubia Flip 2, and the Lenovo Solar PC

Best of MWC 2025: the 10 top tech launches we tried on the show floor
Toy Fair 2025 Primal Hatch

The 7 best toys we saw at Toy Fair 2025, from a Lego boat to a hatching, robotic dinosaur
A shot showing the flags of New Zealand and South Africa

New Zealand vs South Africa live stream: How to watch ICC Champions Trophy semi-final online (available for free)
See more latest
Most Popular
A business woman looking at AI on a transparent screen
Businesses are facing an "AI Divide" - which could be the difference between success and failure
Google Gemini iPhone Lock Screen
You can now access Gemini from your iPhone's lock screen
Apple Vision Pro with Dassault Systèmes 3DEXPERIENCE platform
Dassault Systèmes teams up with Apple to use Vision Pro headsets to bring spatial CAD to life
Samsung 18.1-inch foldable OLED monitor
Samsung has launched a flexible portable monitor complete with a briefcase, one that seems to come straight from a James Bond movie
GenMachine Zhi mini pc
This is the smallest AMD PC I've ever seen: mysterious manufacturer uses Ryzen 3 APU with surprising results
Beelink ME Mini
One of our favorite mini PC vendors has launched a NAS that looks a bit like Apple's PowerMac G4 Cube PC - but way smaller
Michelle, Keats, and Doctor Amherst looking unimpressed and worried in The Electric State
Netflix drops trailer for The Electric State, and I'm getting serious District 9 vibes
YouTube TV
YouTube TV might be planning a big Netflix update that puts the best streaming services first
Maserati MC20 Autonomous
This AI-driven Maserati just hit 197.7mph without a human behind the wheel
AI data center
Is Microsoft hesitating on AI? Days after CEO said it would be upping capacity, analyst claims tech giant has actually cancelled data center leases