Microsoft awards over $100,000 to expert for finding bugs
BOSTON Oct 8(Reuters) - Microsoft Corp is paying a hacking expert more than $100,000 for finding security holes in its software, one of the largest such bounties awarded to date by a high-tech company.
James Forshaw, who heads vulnerability research at London-based security consulting firm Context Information Security, won Microsoft's first $100,000 bounty for identifying a new "exploitation technique" in Windows, which will allow it to develop defenses against an entire class of attacks, the software maker said on Tuesday.
Forshaw earned another $9,400 for identifying security bugs in a preview release of Microsoft's Internet Explorer 11 browser, Katie Moussouris, senior security strategist with Microsoft Security Response Center, said in a blog.
Microsoft unveiled the rewards programs four months ago to bolster efforts to prevent sophisticated attackers from subverting new security technologies in its software, which runs on the vast majority of the world's personal computers.
Forshaw has also won a similar award from Hewlett-Packard Co for identifying a way to "pwn," or take ownership of Oracle Corp's Java software.
Microsoft was scheduled to release an automatic update to Internet Explorer on Tuesday afternoon to fix a security bug that it first disclosed last month. Security experts say that hackers had exploited that flaw to launch attacks on companies in Asia in an operation that the cybersecurity firm FireEye has dubbed DeputyDog.
- Atheists face death in 13 countries, global discrimination: study
- Missouri executes man for killing good Samaritan motorist in 1994
- Focus turns to Thai military, anti-government protesters tell them to pick sides |
- Google executives' planes saved millions in costs due to error - NASA
- Apple scores legal victory over Samsung in South Korea