Microsoft has awarded its first ever $100,000 bounty to a security researcher who discovered a bug in Windows 8.1.
The software giant has traditionally shied away from paying rewards for security issues, but the company announced its first bug bounties earlier this year specifically designed for Windows 8.1 and Internet Explorer 11. A Google engineer was first to profit from the bounties with a reward for an IE11 bug.
While Microsoft was offering up to $11,000 for IE exploits, the big money was invested in “truly novel” exploitation techniques against Windows 8.1. James Forshaw, a security researcher at Context Information Security, picked up the full $100,000 bounty for detailing a bug that worked around some protections in the preview version of Windows 8.1. Forshaw also previously won a bounty for his role in detecting an IE11 vulnerability. Microsoft isn’t detailing the exploit until the company has fully addressed it.
Related stories From Daily Tech Whip