Pay Day: Microsoft Rewards Hacker $100K for Finding Windows Exploit Technique

Looking for a career change? Consider becoming a professional bug hunter. Don't worry, it's not as gross as it sounds. We're talking about software bugs, such as pieces of code with unintended consequences or underlying security vulnerabilities. Turns out you can make a lot of money doing this kind of thing. For example, Microsoft rewarded James Forshaw, a well known hacking guru, a $100,000 check for identifying an exploitation technique in Windows.

Forshaw heads vulnerability research at Context Information Security, a security consulting firm in London. He's also six digits richer for finding a bug in Windows, a price Microsoft is more than willing to pay in order to make its operating system more secure.

Microsoft Building

This isn't Forshaw's only payday from Microsoft. He also scored $9,400 for finding bugs in a preview release of Internet Explorer 11, the final version of which is supposed to ship in Windows 8.1 later this month.

Microsoft began offering bounties for certain bugs in June of this year. Under the relatively new program, $100,000 is the biggest single payday someone can receive, and it has to be for "truly novel exploitation techniques against protections built into the latest version" of Windows (in this case, Windows 8.1 Preview). It will also pay up to $50,000 for defensive ideas that accompany a qualifying Mitigation Bypass submission, and up to $11,000 for critical vulnerabilities that affect Internet Explorer 11 Preview.