4 matches found
JITSploitation III: Subverting Control Flow
Posted by Samuel Groß, Project Zero This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed i...
Researchers Nab $28k in Microsoft Bug Bounty Program
As part of its first-ever bounty program, Microsoft has paid out $28,000 to a small group of researchers who identified and reported vulnerabilities in Internet Explorer 11. The IE 11 bounty program only ran for one month during the summer, but it attracted a number of submissions from well-known...
Microsoft's Bug Bounty Program and the Law of Unintended Consequences
The Microsoft bug bounty program has been nearly a decade in the making and it is clear from the shape and size of it that the company did not simply slap the program together in order to join the cool kids. Rather, Microsoft’s security team spent years watching the way other programs work, seein...
Windows 8 will be challenge for Malware writers
Windows 8 will be challenge for Malware writers Microsofts security researcher believe that upcoming operating system, Windows 8 is a step forward in security and Windows 8 will be far better at protecting against malware than it's predecessors. Chris Valasek, a senior security research scientis...