Microsoft pays researcher $100,000 bounty for finding way around Windows 8.1 protections

http://blogs.seattletimes.com/microsoftpri0/2013/10/08/microsoft-pays-researcher-100000-bounty-for-finding-ways-around-windows-8-1-protections/

In June, Microsoft announced it would be awarding money to people who come up with truly novel ways of getting around the protections in Windows 8.1 Preview, and to those who can find critical vulnerabilities in Internet Explorer 11 Preview.

Today, the company announced it’s awarding $100,000 to James Forshaw, a security vulnerability researcher with Context Information Security. Forshaw was awarded the Mitigation Bypass Bounty for coming up with a new exploitation technique around the protections in Windows 8.1 Preview.

(“Mitigation bypasses” are techniques of going around the protections in a system.)

Microsoft said it couldn’t offer details of the new mitigation bypass technique until the company addresses it.

Katie Moussouris, senior security strategist lead with Microsoft Trustworthy Computing, did say in a statement: “We’re thrilled to receive this qualifying Mitigation Bypass Bounty submission within the first three months of our bounty offering. James’ entry will help us improve our platform-wide defenses and ultimately improve security for customers, as it allows us to identify and protect against an entire class of issues.”