iDefense Q1 2007 Vulnerability Challenge (IE7 & Vista)

See, this is what I get for sitting on a story for one day! I was all like "Oh, nice, I will save this one for tomorrow since I already wrote enough today.", and then what happens? BAM! Slashdot scoops me! So, as you have gathered by the title, iDefense is holding another vulnerability challenge that is directly applicable to us. They are looking for working exploits for IE7 or Vista and are willing to pony up $8k for the disclosure which can be reproduced, and an extra $2k for a working exploit or up to $4k instead if it is well documented, reliable, and such. Obviously we won't know the results of this for a while but there did seem to be at least a few vulnerabilities reported from their previous Q3 2006 challenge, so we'll see what comes out of this.

As an aside, ponder the following question: What do Apple, IBM, and Sun all have in common?

Give up? Me too! I just know that while I was wandering over to the ZeroDayInitiative site to see if they have started having "challenges" yet, I noticed under their upcoming advisories that there are 3 high severity flaws all reported on June 16th of 2006 which are still unpatched. Just something to spark idle curiosity. :)