The discovery of the Meltdown and Spectre CPU vulnerabilities caused quite a shockwave due to the very broad security impact. Companies are thinking about new ways to make hardware and software safer, and Microsoft just announced a new bug bounty program that specifically focuses on speculative execution side channel vulnerabilities.
There are four different tiers, security researchers who discover new categories of speculative execution attacks can expect a payout of up to $250,000. Bypass methods for Azure or Windows result in a payout of up to $200,000 and exploitable instances of a specified, known vulnerability gives access to up to $25,000.
Speculative execution is truly a new class of vulnerabilities, and we expect that research is already underway exploring new attack methods. This bounty program is intended as a way to foster that research and the coordinated disclosure of vulnerabilities related to these issues. Tier 1 focuses on new categories of attacks involving speculative execution side channels. To help the community better understand what is currently known amongst the industry, our Security Research & Defense team has published blog with additional information. Tiers 2 and 3 focus on identifying possible bypasses for mitigations that have been added to Windows and Azure to defend against the attacks that have been identified. Tier 4 covers exploitable instances of CVE-2017-5753 or CVE-2017-5715 that may exist.
Speculative execution side channel vulnerabilities require an industry response. To that end, Microsoft will share, under the principles of coordinated vulnerability disclosure, the research disclosed to us under this program so that affected parties can collaborate on solutions to these vulnerabilities. Together with security researchers, we can build a more secure environment for customers.