Microsoft Issues Massive Reward to Security Expert
If you've got the skills, it can certainly pay to be a security researcher. One expert recently earned more than $100,000 after discovering a major security flaw in Microsoft's Windows 8.1 operating system.
The award is part of Microsoft's "bug bounty" program, which the Redmond, Washington-based firm unveiled earlier this year.
Google and Mozilla also employ similar programs, which allow major tech firms to save money by effectively outsourcing their security tasks to independent experts.
"Mitigation Bypass Bounty" Includes $100,000 Prize
The $100,000 award is part of Microsoft's largest bug bounty program, which is known as the Mitigation Bypass Bounty. Only researchers who can present original exploitation techniques targeting the latest version of the Windows operating system can claim the massive prize.
When Microsoft announced the Mitigation Bypass Bounty program this past summer, the expectation was that few researchers would ever win the $100,000. And yet, it took just four months for someone to nab the cash.
The lucky winner is James Forshaw, a security researcher at London, England-based consulting firm Context Information Security.
According to Reuters, Forshaw was able to identify a new exploitation technique affecting Microsoft's Windows 8.1 operating system. (Source: reuters.com)
For its part, Microsoft says it will be able to use the knowledge divulged by Forshaw to drastically improve Windows 8.1's security and prevent a dangerous new class of attacks.
UK-based Researcher Becoming a Bug Bounty Master
Forshaw earned a whopping $100,000 for sharing his research about the exploitation technique, but didn't stop there -- Microsoft reportedly awarded him an additional $9,400 for finding several security bugs in a release preview of Internet Explorer 11, Microsoft's popular web browser.
It's no surprise, then, that Forshaw spoke highly of Microsoft's bug bounty program.
"Microsoft's Mitigation Bypass Bounty is very important to help shift the focus of bounty programs from offence to defence," Forshaw said. "It incentivises researchers like me to commit time and effort to security in depth". (Source: pcmag.com)
These are by no means the first bug bounties Forshaw has tackled. Earlier this year he was awarded a substantial bounty from major tech firm Hewlett-Packard (HP) after identifying a serious security flaw in Oracle's Java software.
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.