Is there a pool on...
How long before an exploit is found? It might be more interesting.
Personally I wouldn't give it much time until something is found!
Microsoft has opened a remote code execution bug bounty for preview versions of its Microsoft Edge browser. The Internet Explorer killer and hopeful challenger to Firefox and Safari -- Chrome dominates the browser space -- was released in March last year. Microsoft will pay between $500 and $1,500 for remote code execution …
Edge has already had a number of CVE's with remote code execution ... Knowing that and the fact that they try to force you to use it ...
The other day, I wanted to open an app and was too quick, in the "start" menu, I typed the name of the app, and hit enter ... result? It attempted to search the Interwebs for my program using Edge and Bing ... haste on my part, but still.
Until there's a minimum of 15k being offered, and preferably 50-100k+ for serious dedicated time-consuming bug-hunts, who wants to be the lapdog of fat corporates??? Sure Execs, keep seeing us techs as mere plumbers, and chase down our wages accordingly.... And we'll keep watching you being forced to resign in disgrace after breach after breach!
A "remote code execution" presumably means that you browse to a website and it takes over your entire computer. That is not just something more to patch next Tuesday, it should be considered to be something that cannot happen. Period. For it to happen there is something very wrong with the technology that is being used. (e.g. like using C/C++ instead of .Net!)