Microsoft pays out bounties

Microsoft has paid out $28,000 to a small group of researchers who identified and reported vulnerabilities in Internet Explorer 11. It was part of Microsoft’s first ever bounty program that ran for only a month, but it attracted a number of submissions from well-known researchers. it began in began in June and ended in late July.

The highest payment being $9,400 to James Forshaw for four vulnerabilities discovered in IE and a bonus for finding some IE design vulnerabilities. Researchers had the opportunity to earn as much as $11,000. The company is offering as much as $100,000 for offensive techniques that are capable of bypassing the latest exploit mitigation technologies on the newest version of Windows. That program is ongoing.