News Score: Score the News, Sort the News, Rewrite the Headlines

AMD Stiffs Researcher $10,000 Bug Bounty After Critical Security Flaw, Takes 124 Days to Fix

AMD refused $10,000 bounty to researcher Paul LaRosa despite fixing HTTP vulnerability in Windows auto-updaterFinding a critical security vulnerability should get you rewarded, not stiffed. AMD’s auto-updater was downloading software over insecure HTTP connections, letting network attackers slip malicious code onto your system during routine updates. The researcher who found this remote code execution flaw expected a $10,000 bounty. Instead, AMD fixed the problem after four months and paid nothi...

Read more at gadgetreview.com

© News Score  score the news, sort the news, rewrite the headlines