Microsoft has awarded its first $100,000 bounty reward to a security researcher for discovering a bug in Windows 8.1. The company kicked off the bounty hunt for flaws and vulnerabilities in both Internet Explorer 11 and Windows 8.1, with bounties ranging up to $11,000 and $100,000 respectively.
The large bounty was picked up by James Forshaw, a security researcher at Context Information Security. Detailing a bug that bypassed protections in the preview version of windows 8.1, Forshaw was able to bag the full $100,000 reward. Microsoft will detail the exploit once the company has addressed it.
So how much has Microsoft paid out altogether for bugs in its bounty programs? Over $128,000. While the IE11 hunt has come to a close, the company is still looking for any bugs in Windows 8.1, so be sure to get hunting if you're after a reward for making the OS more secure for consumers.
As well as focusing on securing its software with help from the community, Microsoft continues to release security updates to address vulnerabilities in its products. We can relay that Microsoft has patched a critical flaw in Internet Explorer that could expose users to malware and hacks for at least three months.
The exploit, known as CVE-2013-3893, had the capability to integrate into all supported versions of the popular web browser. Microsoft acknowledged the vulnerability in September, releasing a temporary tool to patch IE until the permanent fix was released. Microsoft's Dustin Childs said the following in a blog post:
"The most severe vulnerabilities could allow remote code execution if a customer views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same rights as the current user running Internet Explorer."
The patch contains not only the fix for this issue, but also 10 other issues within IE. 26 different vulnerabilities in Windows, Internet Explorer, SharePoint, .NET Framework, Office, Silverlight, and more were also highlighted in the blog post.
We may earn a commission for purchases using our links. Learn more.
Microsoft's cloud will power CES 2021
CES is going all-digital next year, and it's tapping Microsoft to power the experience. Microsoft and CTA announced today that Microsoft services like Teams, Azure, and Power Platform will all be used to put together next year's show.
Xbox Smart Delivery Games List
The full list of Xbox Series X and Xbox Series S titles committed to Smart Delivery support, and other free visual upgrade offers headed into next-generation consoles.
Xbox game store pages are still a nightmare for non-English speaking users
Microsoft's push for global gaming is still set back by this basic feature disparity.
11 Prime Day deals our writers and editors actually bought
At Windows Central, we are tech snobs, and we know a good deal when we see one. These are Prime Day deals that sucked us in.