Microsoft hands out $28k in Internet Explorer 11 security flaw bounty hunt

By Rich Edmonds
last updated

Microsoft launched a program for hackers and tech gurus to tune in and earn some big bucks by helping out the Internet Explorer team with hunting down security vulnerabilities. The reward was stated to be up to $11,000 per bug. Today, Katie Moussouris, Senior Security Strategist at Microsoft, has announced on TechNet that over $28,000 has been given away to community members who have worked with the company. 

As well as the massive amount of money paid out to help make IE a safer and more secure web browser for consumers, Moussouris also touched on how they're working with more researchers than before. Being able to draw on well-established names directly helps Microsoft ensure its products are more secure at launch - and when it comes to a web browser, this is fairly important.

During the first 30 days of the Internet Explorer 11 preview period, the team received several vulnerability reports that qualified for a bounty. Compare this to the first 30 days of the IE10 beta, where the team received no bulletin-class reports at all. Sure, there's money involved, which is an obvious incentive, but to have such interaction from the community even with a bounty system in place is a big step forward.

Internet Explorer wasn't the only product to be targetted by a bounty program. Windows 8.1 was also sent under the microscope with a massive reward of up to $100,000 for finding security flaws and bugs. It's refreshing to see Microsoft head down the route of inviting the community to help perfect its products and services for rewards, before releasing said properties for consumers to use.

Internet Explorer is currently in a release preview. Should you be super excited about the release of Windows 8.1, you can pre-order a copy for $119 (if you already have Windows 8, the upgrade is free and will be released on October 17th).

Source: TechNet (opens in new tab)

Rich Edmonds
Rich Edmonds
Senior Editor, PC Build

Rich Edmonds is Senior Editor of PC hardware at Windows Central, covering everything related to PC components and NAS. He's been involved in technology for more than a decade and knows a thing or two about the magic inside a PC chassis. You can follow him over on Twitter at @RichEdmonds.

25 Comments
  • That's a very clever idea!
  • Its not unusual, many companies pay out to find bugs for them. Not all, but a lot.
  • Do they deal in a bounty system too? Or do they contract it out? I'm not in the industry, so this seemed novel to me. :-P
  • Yeo, the bounty system is fairly common among big names. I believe Facebook and Google do the same.
  • There was, however, the time that Facebook didn't pay out the guy who found the bug that allowed people to deface other people's pages. (Although he did inform FB about it by defacing Zuckerbergs page.) :P
  • There's a reason for that unwillingness... Lol
  • Hahahaha that cover picture
  • That Boba Fet is a very nice addition to the cover picture. :)
  • If they want me to use IE on a daily basis, they need to add a lot more plugins and add-ons.
  • But the deal with Microsoft is to eliminate all plug-ins and ad-ons to make a fast and lightweight experience.
  • a lot? how many do you need?
  • Weatherbug is an ESSENTIAL NEED for anyone looking to slow down and add ad's to their browsing experience. Also a google toolbar to take up half the screen.
  • Hahaha mike
  • They need to make less add ons and extensions. The main reason IE has such a bad reputation is because of people ending up running 900 toolbars and search providers taking over.
    IE needs to be a clean, barebones, fast and fluid experience. I don't use add-ons other than Fanboi AdBlock and Tracking Protection.
    They need to have the same control over their browser as they do with Windows RT.
  • They need to rebrand the hell out of Internet Explorer. It's a horrible brand, but if they just change the name and maybe the UI a little, people won't care about it actually being IE under the hood.
  • I agree with you on the "brand" part of your argument. People dislike IE simply bacause they remember how bad IE has been in past years. However, it has been hugely changed both in the UI and under the hood ever since IE 9. At this point, they already have a pretty solid browser. It starts up fast, and has a pretty lightweight feel to it. More speed improvements are sure to come, but at this point, the only thing that's really holding it back is, as you said, its name.
  • They should rename it "Explorer of the Internet"
  • What about renaming it to "Microsoft Live HTML Parsing and Rendering Tool"?
  • Or "Xbrowser"? :P
  • Or in my case, XXXbrowser
  • Will raise some eyebrows from friends if they see that one in my desktop.
  • Internet Explorer 11 going to be #1 again! Now I don't have to use Firefox no longer! Chrome & Safari both sucks.
  • I'm usually a Microsoft fan, but I have to say that the only platform which IE works well is Windows Phone. IE just pales in comparison with other browsers like Chrome. Poor add on/extension support, poor startup performance, and lacks simple functionality like paste & go.
  • I installed IE11 on my Windows 7 box at work and I use it everyday, all day. I like it a lot. The problem I have with it is that I have to restart it everyday where with IE10, I never had to. If I don't, IE 11 becomes unstable as hell and will freeze up, ghost and have to be closed via the task manager.  Its probably the only issue I have with it but if I restart it everyday, its pretty nice.
  • The only time i open internet explorer is when i accidently click it instead of the nearby icon..It gets me frustated to even open it..i Hope this new browser changes my opinion :)