Patch/Configuration Management, Vulnerability Management

Zerodium offers $100K bounty to crack new Flash security feature

The security exploit acquisition firm Zerodium announced a $100,000 bounty to anyone capable of bypassing Adobe Flash Player's heap isolation mitigation protocol.

Heap isolation, also called isolated heap, is a newly developed method of mitigating “user after free” vulnerabilities and one of the latest attempts by Adobe to shore up the defenses of its much maligned Flash Player.

The bounty offer, which was announced on Twitter, is good for one month.

Previously, Zerodium offered a $1 million bounty to any individual or team who could create an “exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices.” The company did report that the bounty was paid out, but gave no other details.

Zerodium acquires and analyzes the information provided by outside researchers and then offers measures and security recommendations to its clients.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.