Mitigation Bypass and BlueHat Defense

-

PROGRAM DESCRIPTION:

Microsoft is pleased to announce the launch of the Microsoft Mitigation Bypass Bounty and BlueHat Bonus for Defense Program beginning June 26, 2013. Through this program, individuals across the globe have the opportunity to submit a novel mitigation bypass against our latest Windows platform, and are optionally invited to submit a defense idea that would block an exploitation technique that currently bypasses the latest platform mitigations. Under this program, qualified mitigation bypass submissions are eligible for payment of up to $100,000 USD, with a bonus of up to $50,000 USD for defense submissions. Bounties will be paid out at Microsoft's discretion.

If you are submitting a new mitigation bypass technique that you have found in an active attack, please note that that we have a similar but separate program for you, and the terms appearing here are aimed at individuals submitting their own idea for a new mitigation bypass technique.

If you are submitting your own idea, please read the full guidelines below and then send your entry for consideration to secure@microsoft.com. If you are submitting a technique you found in use in an active attack, you must first pre-register with us by emailing us at doa@microsoft.com for further details.



AM I ELIGIBLE TO PARTICIPATE?

You are eligible to participate in this program if:

You are 14 years of age or older. If you are at least 14 years old, but are considered a minor in your place of residence, you need to ask your parent's or legal guardian's permission prior to participating in this program.
You are either an individual researcher participating in your own individual capacity, or you work for an organization that permits you to participate. You are responsible for reviewing your employer's rules for participating in this program.


See below for a list of those who are not eligible to participate.


WHAT CONSTITUTES AN ELIGIBLE SUBMISSION?

Mitigation bypass submissions ("bypass submissions") provided to Microsoft Corporation ("Microsoft", "we", "our") will be eligible for payment if they meet the following criteria:

Eligible bypass submissions will include an exploit that demonstrates a novel method of exploiting a real Remote Code Execution (RCE) vulnerability and a whitepaper explaining the exploitation method. A real RCE vulnerability is understood to be an RCE that exists in a Microsoft application which may or may not have already been addressed through a security update.

Eligible bypass submissions are permitted to make use of known methods of exploitation in their exploit and whitepaper, but a novel exploitation method must be an integral and required component of enabling reliable remote code execution. Submissions must clearly distinguish the novel aspects of the exploitation method being described.


Eligible bypass submissions must be capable of exploiting a user mode application that makes use of all the latest mitigations supported by the Windows platform which includes:
Stack corruption mitigations (/GS, SEHOP, and SafeSEH)
Heap corruption mitigations (metadata integrity checks)
Code execution mitigations (DEP and ASLR)

Eligible bypass submissions must demonstrate and describe an exploitation method that meets the following criteria:

Generic: it must be applicable to one or more common memory corruption vulnerability classes.
Reliable: it must have a low probability of failure.
Reasonable: it must have reasonable requirements and pre-requisites.
Impactful: it must be applicable to high risk application domains (browsers, document readers, etc).
User Mode: it must be applicable to user mode applications.
Latest Version: it must be applicable to the latest version of our products on the date the entry is submitted.
Novel: it must be a novel and distinct method that is not known to Microsoft and has not been described in prior works.

Qualified bypass submissions are eligible to receive up to $100,000 USD.



WHAT CONSTITUTES AN ELIGIBLE BLUEHAT BONUS FOR DEFENSE SUBMISSION?


BlueHat Bonus for Defense submissions ("defense submissions") provided to Microsoft must meet the following criteria to be eligible under this program:

Eligible defense submissions will include a technical whitepaper to describe the defense idea that could effectively block an exploitation technique that currently bypasses the latest platform mitigations.

Qualified defense submissions are eligible to receive bonus of up to $50,000 USD, depending on the quality and uniqueness of the defense idea.

We reserve the right to reject any submission that we determine, in our sole discretion, does not meet the above criteria.

DEFINITIONS:
Background and descriptions on Windows platform mitigations can be found in the whitepaper on  Mitigating Software Vulnerabilities.

HOW DO I PROVIDE MY SUBMISSION?


Send your complete submission to Microsoft at secure@microsoft.com.

We are not responsible for submissions that we do not receive for any reason, or for submissions that we receive but are incomplete, or indecipherable.


I'VE SENT IN MY SUBMISSION, NOW WHAT?

You will receive an email stating that we have received your submission.
Our engineers will review the submission and validate its eligibility. The duration of review time will vary depending on the complexity and completeness of your submission, as well as number of submissions we receive.
Upon validation, you will be contacted to provide the necessary paperwork to keep our legal team at bay.
After receiving that paperwork and confirming that you are eligible to receive payment under this program, we will deem your submission to be qualified and process your bounty!

BOUNTY PAYMENTS:

Bounties will be paid out at Microsoft's discretion. Microsoft retains sole discretion in determining which submissions are qualified. There are no restrictions on the number of qualified submissions an individual submitter can provide and be paid for.

In the event of a submission submitted by more than one party, if each are eligible submissions, Microsoft will consider not only time and date of submission, but also quality and complexity to be the deciding factor for eligibility of payment of the bounty.

LEGAL NOTICE:

It is your responsibility to comply with any policies your employer may have that would impact your eligibility to participate in the bug bounty programs. If you are participating in violation of your employer's policies, you may be disqualified from participating or receiving bounty payment(s). Government employees are required to provide a letter from their employer's ethics compliance officer confirming their ability to participate in this program. All payments will be compliant with local laws, regulations and ethics rules. Microsoft disclaims any and all liability or responsibility for disputes arising between an employee and their employer related to this matter.

If we determine that your submission is qualified, Microsoft will notify you by sending a reply to your email submission. If the notification that we send is returned as undeliverable, or you are otherwise unreachable for any reason, we may not provide payment.

If there is a dispute as to who the qualified submitter is, we will consider the eligible submitter to be the authorized account holder of the e-mail address used to enter the program. Before receiving a bounty payment, you are required to sign an Affidavit of Eligibility (a formal statement verifying your personal information), a Liability/Publicity Release (which provides permission for Microsoft to use your name and likeness without pursuing future claims), a W-9 tax form or W-8 BEN tax form within 30 calendar days of notification of validation. If you wish to remain anonymous to the public, we will honor your request, but we must know your legal name in order to pay you. If your submission is qualified and you are 14 or older, but are considered a minor in your place of legal residence, we may r

Comments

Post a Comment

Popular posts from this blog

How to use PROXY to download all OEM apps.

-
Requirements: - any WP7/8 device (Nokia, Samsung, LG, HTC...), unlocked phone not needed - is great for Lumia 520 to install full version of Here Drive+ without region licence limitation - SysApp Pusher from WP Store - install SysApp Pusher - Go to WiFi settings on phone - Connect to WiFi network - Click on active connection (or tap and hold) to edit it - Enable PROXY and enter this data: Proxy: 117.135.139.179 Port: 8888 - save and exit Proxy 2 (if first not work, here another one): Proxy: 103.13.29.118 Port: 8888 - go to region setting and change region to United States - confirm to restart phone - after restart, check in your browser did connect to PROXY - start SysApp Pusher on phone, and find which app you want install (if you have Nokia go to Samsung or HTC) - click on app to install it... notice: sometimes you must repeat process since succeed - after you get message for retry download, turn off proxy in WiFi setting - now you retry download and you have this app installed....
Read more

How to make free license Applications and Games on Windows Phone 8.1

-
Image
Requirements 1. Developer Unlocked Device. 2. SD Card Slot on WP Device. 3. Pocket File Manager from our blog. 4. WPAppPatcher 5. Application Deployment Tool. First 1 :- Download Pocket File Manager from our blog and install using Application Deployment Tool. Second 2 :- 1. Open Pocket File Manager on Device. 2. Go to SD Card directly > Touch and hold on WPSystem Folder pop up menu will opened, Press Info. 3. Unchecked both check marks. A. Hidden File. B. System File. Step 3 :- Now Browse WPSystem Folder from any your favorite File Manager Application. Step 4 :- Go to the "App" Directory > go to the your  chooses application GUID (Prod. code) > Copy only "Install" Folder to public directory. (E.g. D:\Anywhere) (for 8.1 apps go to the WPSystem>WindowsApps) Step 5 :- >Delete WMPRHeader.xml file and Zip the "Install" folder content. Step 6 :- > Rename "Install.zip" to "Install.xap" >...
Read more

WPAppPatcher v1.20b (Application/Game Patcher)

-
Image
WPAppPatcher v1.20b (Application/Game Patcher) Requirements: WP Root Tools Unlock or Full Root, Windows Phone 7.1/7.5/7.8, Zune Desktop Software, .NET Framework 4 Developer: Milkman Application Description: WPAppPatcher/WPAppSender is an application that creates a xap file from your application installation by sending it to your pc so it can be patched to the full version and installed again as a xap file without the need of using a creditcard or paypal. Installation Instructions: 1) Extract "WPAppPatcher" to any location you want and launch the application. 2) Install "WPAppSender" on your Windows Phone (Open WPAppPatcher > Help > Install Client). 3) Run "WPAppSender" on your Windows Phone and set your phone's ip on your pc in "WPAppPatcher".* 4) Now click on any application/game that you want to download and patch from your phone. * Trust "WPAppSender" with "WP Root Tools" if the app crashes on s...
Read more