Microsoft Pays Hacker For Discovering Security Holes
Tech companies are known to give rewards to hackers or researchers for discovering security holes in their security system. They also hire them for doing short term job related to security. As per the latest news, a British hacking expert will be receiving $100,000 from the American software giant, Microsoft Corp for finding and locating any security holes that exist in its software. This is one of the largest bounties that have been awarded to date by the technology companies to any hacker or researcher. A much anticipated update of the Internet Explorer was also finally released by the company.
According to the company, this update fixes a problem in the browser that had exposed the users to a remote attack. The company said that the first $100,000 bounty had been claimed by James Forshaw, who is head of the vulnerability search department of Context Information Security, a British consulting firm. He had identified a new exploitation technique in Windows operating system. Microsoft will now be developing defenses against a complete class of attacks. Forshaw is one of the ‘white hat’ hackers that hack security systems with good intentions and are rewarded for their efforts.
Hackers are recognized on the hall of fame pages on websites of various technology companies such as Apple and Facebook and they often pay them for their services. Currently, Forshaw is traveling for the purpose of attending a security conference and had also been successful in discovering security holes in a preview release of Microsoft Explorer 11 browser, for which he had been awarded a sum of $9400. This information was provided by the senior security strategist of the Security Response Center of Microsoft. Forshaw stated that he had been working in secure research and development in the past decade and had come across interesting security vulnerabilities.
He added that he was interested in finding new techniques of exploitation and the level of creatively required for that purpose. The mitigations that are available today were studied by him and a few potential angles were identified after brainstorming through which he managed to find his winning entry. He said that it took him a few tries before he was successful. He also asserted that having his entry acknowledged was exciting for him as well as his employer. Forshaw said that it pleased and satisfied him because he was enhancing the security of the customers of his own employer and Microsoft.
Four months ago, the reward program had been revealed by Microsoft for the purpose of bolstering efforts of preventing sophisticated hackers to subvert the new technologies that the company was using in its software, which is used in most of the PCs of the world. A variety of software security bugs have been identified by Forshaw. Hewlett-Packard had also given him a large bounty. Microsoft had disclosed a security bug in its browser last month and also released an update for the purpose of fixing the bug. According to researchers, this flaw was used by hackers for attacking countries in Asia and other regions.