Zerodium offers $100K bounty to crack new Flash security feature

Zerodium wants to bypass Adobe's heap isolation security feature in Flash.
Zerodium wants to bypass Adobe's heap isolation security feature in Flash.

The security exploit acquisition firm Zerodium announced a $100,000 bounty to anyone capable of bypassing Adobe Flash Player's heap isolation mitigation protocol.

Heap isolation, also called isolated heap, is a newly developed method of mitigating “user after free” vulnerabilities and one of the latest attempts by Adobe to shore up the defenses of its much maligned Flash Player.

The bounty offer, which was announced on Twitter, is good for one month.

Previously, Zerodium offered a $1 million bounty to any individual or team who could create an “exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices.” The company did report that the bounty was paid out, but gave no other details.

Zerodium acquires and analyzes the information provided by outside researchers and then offers measures and security recommendations to its clients.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS