Printed from http://www.electronista.com

Microsoft pays maximum $100,000 bounty to Internet Explorer researcher

updated 06:51 pm EDT, Tue October 8, 2013

Recent 'universal flaw' patched in today's 'patch Tuesday' updates

Microsoft said earlier today that it is paying its maximum award -- $100,000 -- to a security researcher who found a critical hole in its Internet Explorer web browser. James Forshaw of the Context Information Society was rewarded by Microsoft for pointing out the flaw which Microsoft patched today.

Forshaw was also the recipient of $9,400 in additional rewards for other flaws found in Internet Explorer 11 in the four-month-old bounty program. He has been credited with finding over 30 security bugs across the PC industry's software, with rewards having been paid by Hewlett Packard and others.

The reported flaw affects all supported versions of Internet Explorer from Internet Explorer 6 through Internet Explorer 11. The exploit allows for remote code execution when an Internet Explorer user browses a website containing malicious code tailored to the specific version of the browser.

Microsoft says of the flaw that "the vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially-crafted website that is designed to exploit this vulnerability through Internet Explorer, and then convince a user to view the website."

Today's patch closes both the universal Internet Explorer bug, as well as some of the other flaws Forshaw reported. Microsoft was criticized for waiting until "patch Tuesday" to fix the problem, with researchers claiming the delay put more users in jeopardy.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Epson PowerLite Home Cinema 2030 projector

With high-definition televisions now the standard, 4K televisions becoming the next big thing, and plasma TVs going the way of the din ...

Life n Soul 8 Driver Bluetooth headphones

When it comes to music on the go, consumers generally have some options to consider when looking for the best experience. While Blueto ...

Tesoro Tizona G2N Elite gaming keyboard

The market for gaming keyboards is getting crowded, starting off with some fairly simple keyboards and diverging into the land of modu ...

Sponsor

toggle

Most Commented

 
toggle

Popular News