Amazon and Netflix, no dollar amounts listed

Microsoft offers up to $250k for "Critical remote code execution, information disclosure and denial of services vulnerabilities in Hyper-V"

Ironically that google page dumped a bunch of html into my browser, including a "script nonce" and a function definition:

    (function(H){H.className=H.className.replace(/\bgoogle\b/,'google-js')})(document.documentElement)

No user interaction required.

> kernel code l execution with persistence

Persistent malware with root privilege.

> kernel PAC bypass

I think PAC is some protection measures.

https://apple.news/A4h_BM9HqTjSpsWKsrVPGBw

Also, max payout has been bumped to $1.5m which is a pretty big change. Most of this was announced a few months ago, they are just making good on a previous announcement at this point.

> Not disclose the issue publicly before Apple releases the security advisory for the report. (Generally, the advisory is released along with the associated update to resolve the issue). See terms and conditions.

No guarantees, then.