"Nem véletlen, hogy huszadrangú problémának tartja a Microsoft..."
Miközben kifizetett érte 125 ezer dollár jutalmat, ami a szabályok szerint:
"Generic: it must be applicable to one or more common memory corruption vulnerability classes.
Reliable: it must have a low probability of failure.
Reasonable: it must have reasonable requirements and pre-requisites.
Impactful: it must be applicable to high risk application domains (browsers, document readers, etc).
User Mode: it must be applicable to user mode applications.
Latest Version: it must be applicable to the latest version of our products on the date the entry is submitted.
Novel: it must be a novel and distinct method that is not known to Microsoft and has not been described in prior works."
plusz:
"Eligible bypass submissions will include an exploit that demonstrates a novel method of exploiting a real Remote Code Execution (RCE) vulnerability and a whitepaper explaining the exploitation method. "
;)
--
trey @ gépház