dcsimg
September 18, 2018
Hot Topics:

Intel Pays $100K Bounty for New Spectre Variants

  • July 12, 2018
  • By Developer.com Staff

Intel this week disclosed several new variants of the Spectre vulnerability, which originally came to light in January of this year. Security researchers Vladimir Kiriansky and Carl Waldspurger detailed two of the variants in a publicly released paper. "We introduce Spectre1.1, a new Spectre-v1 variant that leverages speculative stores to create speculative buffer over-flows," the researchers wrote. "We also present Spectre 1.2 on CPUs that do not enforce read/write protections, speculative stores can overwrite read-only data and code pointers to breach sandboxes."

Intel says that it paid Kiriansky a reward of $100,000 through its bug bounty program hosted on HackerOne. The company has released software fixes for most of the known Spectre bugs. A recent security report found that for the last six months no attacks have been directly using the Meltdown and Spectre vulnerabilities.

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that developer.com may send you developer offers via email, phone and text message, as well as email offers about other products and services that developer believes may be of interest to you. developer will process your information in accordance with the Quinstreet Privacy Policy.

Sitemap

Thanks for your registration, follow us on our social networks to keep up-to-date