English(EN) AMD denies researcher a $10,000 bug bounty after fixing critical auto-updater vulnerability — security flaw took 124 days to patch

AMD因124天修复自动更新程序关键漏洞而拒绝支付赏金

作者 PulseAugur 编辑部 · [2 个来源] · 2026-06-12 10:00

AMD拒绝向发现其自动更新软件中关键漏洞的安全研究员支付1万美元的赏金。研究员Paul于2月报告了该漏洞，该漏洞可能允许通过中间人攻击进行远程代码执行。尽管AMD要求他暂时撤下详细介绍该问题的博客文章，但该公司花了124天才实施修复，并且由于项目政策限制，未提供任何赏金。 AI

影响此事件凸显了科技公司在处理漏洞报告和赏金计划方面可能存在的问题，这可能会影响研究员的信任和软件安全实践。

排序理由这是一个关于公司内部政策和赏金争议的故事，而不是新产品发布或重大的行业性事件。

AI 生成摘要 · Google Gemini · 来自 2 个来源。我们如何撰写摘要 →

报道来源 [2]

Tom's Hardware TIER_1 English(EN) · Bruno Ferreira · 2026-06-12 10:00

AMD denies researcher a $10,000 bug bounty after fixing critical auto-updater vulnerability — security flaw took 124 days to patch

AMD took over four months to fix a critical security bug in its autoupdater, and the security researcher didn't see a dime for his efforts
Mastodon — fosstodon.org TIER_1 English(EN) · [email protected] · 2026-06-12 20:39

AMD denies researcher a $10,000 bug bounty after fixing critical auto-updater vulnerability — security flaw took 124 days to patch AMD took over four months to

AMD denies researcher a $10,000 bug bounty after fixing critical auto-updater vulnerability — security flaw took 124 days to patch AMD took over four months to fix a critical security bug in its autoupdater, and the security researcher didn't see a dime for his efforts https://ww…

链接 tomshardware.com/…/amd-denies-researcher-… tomshardware.com/tech-industry