Thursday, October 19, 2017
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Samsung Unifies IoT Services Under SmartThings, Announces Bixby 2.0, AR Capabilities to Galaxy smartphones, a 360 Round Camera
HP Launches the Powerful ZBook X2 Detachable PC
Motorola Unveils Smart Speaker with Amazon Alexa For Moto Z Phones
Apple and GE Partner to bring Industrial Apps to iPhone and iPad
ICDM to Establish New Display Evaluation Standards Based on Samsung and LG Proposals
Globalfoundries and Intel to Talk About 10, 7nm at IEDM
Intel and Mobileye Offer Present Algorithms to Prove the Safety of Autonomous Vehicles
Chinese BOE and CSOT to Invest in Japanese JOLED, Adding Pressure to South Korean Rivals
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > PC Parts > Intel L...
Last 7 Days News : SU MO TU WE TH FR SA All News

Thursday, March 16, 2017
Intel Launches Bug Bounty Program


Intel's first bug bounty program is live. Targeted at Intel products, the program encourages researchers to identify issues and bring them to Intel directly.



Intel revealed the new bug bounty program will be hosted on HackerOne at the CanSecWest security conference on Wednesday.

Intel Software, Firmware, and Hardware are in-scope. The harder a vulnerability is to mitigate, the more Intel pays. As a consequence, critical bugs are the most lucrative, with $7,500 on offer for critical Intel software bugs, up to $10,000 for critical Intel firmware security flaws, and up to $30,000 for each critical Intel hardware bug disclosed to the company.

If a bug is deemed of "high" importance, up to $10,000 is up for grabs, while a "medium" severity bug can earn researchers up to $2,000. In addition, "low" risk security flaws are worth up to $1,000.

Intel considers several factors when determining the severity of a vulnerability. The first step is to use the CVSS 3.0 calculator to compute a base score. The base score is then adjusted up or down based on the security objectives and threat model for the given product.

A few details on items that are not in the program scope:

  • Intel Security (McAfee) products are not in-scope for the bug bounty program.
  • Third-party products and open source are not in-scope for the bug bounty program.
  • Intel's Web Infrastructure is not in-scope for the bug bounty program.
  • Recent acquisitions are not in-scope for the bug bounty program for a minimum period of 6 months after the acquisition is complete.

In related news, Microsoft also announced a new bug bounty program on Wednesday for the Microsoft Office Insider on Windows. The companys it will offer researchers a minimum of $500 and maximum of $15,000 for vulnerability submissions which are discovered in the Microsoft Office Insider slow build shipping on the latest, fully patched version of the Windows 10 Desktop operating system.

The flaws must be zero-day vulnerabilities and the Microsoft team must be able to replicate the problem for a bug to qualify for a reward. The company will also consider rewarding researchers with more than $15,000 if the security flaw is something special.

Vulnerability Impact Functioning Exploit Proof of concept Report Quality Potential Payout range (USD)
Elevation of privilege via Office Protected View sandbox escape (excludes vulnerabilities in components and libraries not installed by Office or AppContainer sandbox, that are applicable to any application using them) No Required High Up to $15,000
No Required Low Up to $9,000
Macro execution by bypassing security policies to block Office macros in Word, Excel, and PowerPoint. No Required High Up to $15,000
No Required Low Up to $9,000
Code execution by bypassing Outlook’s automatic attachment block policies for a predefined set of extensions, listed below, that are by default blocked by Outlook. No Required High Up to $9,000
No Required Low Up to $6,000

The program will run until June 15.



Previous
Next
Shuttle Launches Ultra-slim DS77U Media Player Series For Digital Signage        All News        Swatch Develops Its Own Smartwatch Operating System
Shuttle Launches Ultra-slim DS77U Media Player Series For Digital Signage     PC Parts News      Seagate Launches 12TB Enterprise Capacity

Get RSS feed Easy Print E-Mail this Message

Related News
Globalfoundries and Intel to Talk About 10, 7nm at IEDM
Intel and Mobileye Offer Present Algorithms to Prove the Safety of Autonomous Vehicles
Intel Advances Artificial Intelligence With Nervana Neural Network Processor
AMD, Intel, ARM, IBM and Others Support the Open Neural Network Exchange Format for AI
Intel Delivers 17-Qubit Superconducting Chip with Advanced Packaging
Microsoft Ventures and Partners Offer $3.5M Award in AI Startups
8th Gen Intel Core Desktop Processors Available Today
Intel Secure Device Onboard Makes onboarding of Billions of Devices Simpler
Intel Releases Hardware and Software Platform for FPGA Acceleration
Intel's New Loihi Self-Learning Chip Promises to Accelerate Artificial Intelligence
8th Generation Intel Core "Coffee Lake" Desktop Processors are Launching today
Intel Showcases 10 nm Updates, a new aspect for Moore's Law, FPGA Progress and 64-Layer 3D NAND for Data Center

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2017 - All rights reserved -
Privacy policy - Contact Us .