Microsoft has paid $100,000 Bounty to an Asian researcher Yang Yu as a part of its Security Response Center’s Bounty program. Microsoft Announced that Yang was awarded this bounty for his amazing research on mitigation bypass variants. Today second time Microsoft has paid full bounty of $100,000.
Microsoft further states that “This payout reflects the fact that we learned something new that will help us build more robust defenses, but it was built upon known mitigation bypass techniques”.
Microsoft has paid out more than $250,000 in such bounty program, Since this program was started last June.
What is Mitigation Bypass Bounty and Mitigation Bypass ?
A Mitigation bypass bounty is one of three Bounty program offered by Microsoft. A Mitigation bypass is capable of exploiting remote code execution vulnerabilities that attack the stack. It is sometimes referred as “stack overflow”.
A Mitigation bypass bounty is one of three Bounty program offered by Microsoft. A Mitigation bypass is capable of exploiting remote code execution vulnerabilities that attack the stack. It is sometimes referred as “stack overflow”.
Microsoft further Clarifies that an Bypass Submission must demonstrate a way of exploiting a remote code execution vulnerability in Windows. Bypass must also meet seven criteria.
Other Bounty Program are
- BlueHat Bonus for Defence
-
Internet Explorer 11 Preview Bug Bounty (Closed)
Blue Hat Defense Program pays upto $50,000 for defensive ideas which can qualify
Mitigation bypass submission
Previously James Forshaw, won prize in October he collected Data Execution Prevention (DEP) an memory exploit defenses native to windows.
