The rewards too were quite amazing.
The first one to receive the bug bounty award was Jordan Wiens, a Florida based vulnerability researcher.
Or the receiver can even use it for say 20 round trips in the US.
The attacker could gain access to any file and open arbitrary connection connections on the Facebook server.
As per the bounty program the reward for finding this bug was around $30,000.
The Redmond giant had announced its bug bounty program specifically for Windows 8.1 and Internet Explorer 11.
Till then Microsoft used to pay $11,000 for IE exploits.
It was a bug which could bypass certain protections in the preview version of Windows 8.1.
According toThe Telegraph,the bug Heartbleedcan be described as the most serious security flaws ever found.
The bug affects the open-source encryption software OpenSSL, which is generally used on millions of web servers.
Thus the bug is believed to be able to affect many web servers even today.
Neel Mehta, a member of the Googles security team accidentally spotted this bug.
Considering the seriousness of the Heartbleed bug, the amount given in reward was actually meager!
Yahoos Flickr:
Yahoos Flickr is one of the biggest photo management and sharing websites.
Amazingly, Yahoo was quick enough to acknowledge the flaw and also provided the patch.
Actually, the SQL injection bug opens the door for remote code execution.
According to SC Magazine, Yahoo not only acknowledged the problems but also patched them within just six hours.
source: www.techworm.net
