Microsoft awards HP researchers $125,000 bug bounty

Microsoft has granted HP security researchers a hefty bug bounty for demonstrating Internet Explorer flaws -- days after a vicious XSS vulnerability was disclosed online., Microsoft awards HP researchers $125,000 bug bounty
Software giant 'Microsoft' had rewarded a biggest bounty amount of $125,000 to HP's security researchers in respect to Microsoft Mitigation Bypass Bounty and BlueHat Bonus for Defense program.

Microsoft's Mitigation Bypass Bounty and BlueHat Bonus for Defense Program, which began in 2013, allows security researchers to submit mitigation bypasses against the Windows platform. So according to the Microsoft bounty program, company have awarded a sum total of $125,000 to three security researchers.

Researcher from HP's Zero Day initiative team, Brian Gorenc, AbdulAziz Hariri and Simon Zuckerbraun, have submitted Isolated Heap and Memory corruption bug in the latest version of Internet Explorer.  For the security bug researcher were rewarded $100,000 and offering a way to defend systems against the technique they discovered, which gave them an additional $25,000 in awards, bringing the total count to $125,000.

As like Google, HP's security team also stick to a 120 days vulnerability disclosure policy. All the bug on the latest Internet Explorer were reported to Microsoft with the proof-of-concept case study. Since the bug  discovery was qualified for the bounty reward of tech firm, HP's security team says the security issue has not been patched.

Since researcher are employees of HP, they will not keep the reward amount with themselves. Instead, they are donating the funds to three educational establishments with emphasis on STEM research -- Texas A&M University, Concordia University, and Khan Academy.
Read Also
Post a Comment