14 DAY TRIAL // An Asian security researcher named Yang Yu has received the second $100,000 (€73,000) bug bounty for Microsoft for finding three mitigation bypass variants as part of Microsoft’s Security Response Center’s bounty program.
Just like ThreatPost notes in an article published today, Microsoft hasn’t published any details of the security glitch that Yu found in its software, but the company confirmed that a second researcher received the biggest reward offered as part of its bounty program.
“This payout reflects the fact that we learned something new that will help us build more robust defenses, but it was built upon known mitigation bypass techniques,” a company spokesperson said.
Microsoft was offering $100,000 for security flaws found in the latest versions of Windows, as well as $50,000 (€36,500) for developing a defense system for a mitigation bypass. A bonus of $11,000 (€8,000) was also offered to researchers who found flaws in Internet Explorer 11.