British-based white-hat hacker James Forshaw from Context Information Security came up with a way of exploiting Windows applications that, according to various sources, overcomes systemic protections such as Address Space Layout Randomization and Data Execution Prevention in Windows 8.1 Preview. Microsoft has ponied up $100,000 for the information.
The tech giant announced back in June that it would join other like-minded companies like Google and Mozilla in paying external hackers to research vulnerabilities, offering up to $11,000 for critical vulnerabilities discovered in the Internet Explorer 11 beta and up to $100,000 for any technique that bypassed Windows' built-in exploit mitigation schemes.
Forshaw jumped at the chance and had already discovered design level bugs during the IE11 Preview Bug Bounty, bringing his total earnings to $109,400.
"James already came in hot with design level bugs he found during the IE11 Preview Bug Bounty, and we're thrilled to give him even more money for helping us improve our platform-wide security by leaps," said Katie Moussouris, senior security strategist at the Microsoft Security Response Center in a blog post.
"While we can't go into the details of this new mitigation bypass technique until we address it, we are excited that we will be better able to protect customers by creating new defenses for future versions of our products because we learned about this technique and its variants."
Microsoft said that unlike Mozilla for example, it is not paying for individual bugs but was instead offering the $100,000 scheme for entire classes of exploits.
"The reason we pay so much more for a new attack technique versus for an individual bug is that learning about new mitigation bypass techniques helps us develop defenses against entire classes of attack," the company said.
"This knowledge helps us make individual vulnerabilities less useful when attackers try to use them against customers. When we strengthen the platform-wide mitigations, we make it harder to exploit bugs in all software that runs on our platform, not just Microsoft applications."
As we reported yesterday Danish-based startup CrowdCurity is also offering bounties for hackers, and is actively looking for small-to-medium sized businesses who want their security tested.