{"id":5193,"date":"2015-10-26T06:54:11","date_gmt":"2015-10-26T06:54:11","guid":{"rendered":"https:\/\/ihs.com.tr\/blog\/?p=5193"},"modified":"2015-10-26T06:54:11","modified_gmt":"2015-10-26T06:54:11","slug":"microsoft-bug-avi-programini-baslatti","status":"publish","type":"post","link":"https:\/\/www.ihs.com.tr\/blog\/microsoft-bug-avi-programini-baslatti\/","title":{"rendered":"Microsoft &#8220;Bug Av\u0131&#8221; program\u0131n\u0131 ba\u015flatt\u0131"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">Microsoft ge\u00e7ti\u011fimiz hafta<strong> .NET core ve ASP.NET Beta<\/strong> i\u00e7in <strong>bug av\u0131 program\u0131n\u0131<\/strong> ba\u015flatt\u0131\u011f\u0131n\u0131 duyurdu. Bu ikisinin Microsoft i\u00e7in, Visual Studio Development Suite kapsam\u0131ndaki yap\u0131 ta\u015flar\u0131 denilebilir.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Program, <strong>20 Ekim 2015 ve 20 Ocak 2016 tarihleri aras\u0131nda<\/strong> ve bu s\u00fcre\u00e7te \u00e7\u0131kan t\u00fcm beta ve RC s\u00fcr\u00fcmlerini, ve bu s\u00fcre\u00e7te \u00e7\u0131kan final s\u00fcr\u00fcmleri de i\u00e7eriyor.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Ara\u015ft\u0131rmac\u0131lar CoreCLR olarak da adland\u0131r\u0131lan .NET core runtime&#8217;da bulduklar\u0131 her bug&#8217;\u0131n <strong>karma\u015f\u0131kl\u0131\u011f\u0131na ve kalitesine g\u00f6re $500 ile $15.000 aras\u0131nda para \u00f6d\u00fcl\u00fc<\/strong> kazanabilecekler.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><a href=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/theme_msbounty_hero.jpg\" data-rel=\"penci-gallery-image-content\" ><img decoding=\"async\" class=\"aligncenter size-full wp-image-5195\" src=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/theme_msbounty_hero.jpg\" alt=\"theme_msbounty_hero\" width=\"380\" height=\"283\" srcset=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/theme_msbounty_hero.jpg 380w, https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/theme_msbounty_hero-300x223.jpg 300w\" sizes=\"(max-width: 380px) 100vw, 380px\" \/><\/a><\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Bug&#8217;lar kapsam\u0131nda olabilecek \u00f6rnekler \u015f\u00f6yle s\u0131ralanabilir:<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 14pt;\">remote code execution<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">security design flaws<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">privilege escalation<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">remote denial-of-service (DoS)<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">tampering and spoofing<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">information leaks<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">cross site scripting (XSS) <\/span><\/li>\n<li><span style=\"font-size: 14pt;\">cross-site request forgery (CSRF)<\/span><\/li>\n<\/ul>\n<p><span style=\"font-size: 14pt;\">Ayr\u0131ca t\u00fcm bug raporlar\u0131 beraberinde bir de <strong>proof-of-concept (PoC) de bar\u0131nd\u0131rmak zorunda.<\/strong><\/span><\/p>\n<p><span style=\"font-size: 14pt;\">\u00d6rne\u011fin en pahal\u0131 \u00f6d\u00fcl olan $15.000&#8217;l\u0131k \u00f6d\u00fcl, bir<strong> &#8220;remote code execution&#8221; a\u00e7\u0131\u011f\u0131 konusundayken<\/strong>, beraberinde <strong>\u00e7al\u0131\u015fan bir demo, kaliteli bir rapor veya bir whitepaper da bar\u0131nd\u0131rmal\u0131<\/strong>. E\u011fer bunlar olmazsa, \u00f6d\u00fcl sadece $1.500 civar\u0131nda da olabilir.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Microsoft&#8217;un \u00f6demeye haz\u0131r oldu\u011fu \u00f6d\u00fcller ise kabaca \u015f\u00f6yle \u00f6zetlenebilir:<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 14pt;\"><em>Security design flaws ve privilege elevation issues<\/em> i\u00e7in $10.000<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>DoS and spoofing\/tampering vulnerabilities<\/em> i\u00e7in $5.000<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>information leaks<\/em> i\u00e7in $2.500<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>CSRF and XSS flaws<\/em> i\u00e7in $2.000<\/span><\/li>\n<\/ul>\n<p><span style=\"font-size: 14pt;\"><a href=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/Microsoft-Logo_r1_c1_0_26.jpg\" data-rel=\"penci-gallery-image-content\" ><img decoding=\"async\" class=\"aligncenter size-full wp-image-5196\" src=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/Microsoft-Logo_r1_c1_0_26.jpg\" alt=\"Microsoft-Logo_r1_c1_0_26\" width=\"802\" height=\"473\" srcset=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/Microsoft-Logo_r1_c1_0_26.jpg 802w, https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/Microsoft-Logo_r1_c1_0_26-300x177.jpg 300w\" sizes=\"(max-width: 802px) 100vw, 802px\" \/><\/a><\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Ayr\u0131ca Microsoft bir de <strong>online servislerinde bulunabilecek &#8220;authentication&#8221; a\u00e7\u0131klar\u0131 i\u00e7in $30.000&#8217;\u0131 bulabilecek \u00f6d\u00fcller payla\u015faca\u011f\u0131n\u0131<\/strong> da a\u00e7\u0131klad\u0131. Ge\u00e7ti\u011fimiz d\u00f6nemde Wesley Wineberg adl\u0131 bir ki\u015fi <strong>Live.com&#8217;da buldu\u011fu bir a\u00e7\u0131k ile $24.000<\/strong> sahibi olmu\u015ftu.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft ge\u00e7ti\u011fimiz hafta .NET core ve ASP.NET Beta i\u00e7in bug av\u0131 program\u0131n\u0131 ba\u015flatt\u0131\u011f\u0131n\u0131 duyurdu. Bu ikisinin Microsoft i\u00e7in, Visual Studio Development Suite&hellip;<\/p>\n","protected":false},"author":3,"featured_media":5194,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5193","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haberler"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5193","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5193"}],"version-history":[{"count":2,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5193\/revisions"}],"predecessor-version":[{"id":5205,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5193\/revisions\/5205"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media\/5194"}],"wp:attachment":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5193"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5193"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5193"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}