Microsoft recently sent out a bounty for a hefty $10,000 if someone could smash a pesky Windows 8.1 bug. The tech giant has usually shied away from depositing rewards like this in the past, but this year, Microsoft has started to change that.
They started using the same bounty system earlier this year, around June, to knock out some bugs regarding Windows 8.1, and the infamous Internet Explorer 11. Ironically, a Google engineer was the first to claim a bounty with a smashing of an IE11 bug; perhaps he had experience with web browser development over at Google for Chrome.
While Microsoft has offered big bucks for IE exploits, the true cash was really invested in exploitation techniques on Windows 8.1. I mean let’s face it; Windows 8.1 should certainly be the primary source of focus rather than the widely criticized Internet Explorer.
A security researcher over at Context Information Security, named James Forshaw, claimed the most recent $10,000 bounty. Forshaw squashed a bug that worked around some firewalls and protections in Windows 8.1’s preview version. This isn’t Forshaw’s first time in playing pest control, however. He previously won a bounty for his role in scanning, and eventually locating, an IE 11 bug. However, Microsoft is not expanding on the exploit for now.
Microsoft’s very own sensor security strategist, Katie Moussouris, explained that “The reason we pay so much more for a new attack technique versus for an individual bug is that learning about new mitigation bypass techniques help us defend against our entire attack.”
The IE 11 bug bounty program is closed, but Microsoft is still on the look out for Windows 8.1-related bugs. They’ve paid out a grand total of roughly $128,000 in total bounties and are ready for more. Maybe one of you guys reading here at our website will put on your gloves and lend Microsoft a hand by spraying some pesticide on some of these nettlesome bugs!
Source: PCPro
Source: PCPro
Post a Comment