High Price For Exposing Windows Security Flaws

By: Amber Newby  |  November 22, 2013


One would think that with technology geniuses working on projects, Microsoft would not have to look any further for advice on how to improve the Window’s security structure. However, Microsoft just paid a British hacking expert $100,000 for exposing security flaws in Windows.

This past summer, Microsoft launched a program that encouraged hacking experts to look into security vulnerabilities for monetary return. This program was designed to prevent cyber criminals from breaking into their software products.

The head of vulnerability research at Context Information Security consulting firm, James Forshaw, is the man who successfully identified security problems in Windows. After countless hours of studying and examining new angles, Forshaw was able to uncover an “exploitation technique.” No further information regarding exactly what that technique involved has been reported. Upon finding this technique, Forshaw went on to discover various security glitches in Internet Explorer 11 and was subsequently paid $9,400 for those services.

Forshaw has made a career out of helping companies, like Microsoft, protect against potential threats, viruses, and hackers.  His services help build up a defense system that make breaking into an operating system extremely difficult.

In an interview with PCMag.com’s SecruityWatch, Forshaw said, “Microsoft’s Mitigation Bypass Bounty is very important to help shift the focus of bounty programs from offense to defense. It incentivises researchers like me to commit time and effort to security in depth rather than just striving for the total vulnerability count. To find my winning entry I studied the mitigations available today and after brainstorming I identified a few potential angles. Not all were viable, but after some persistence I was finally successful.”

The time Forshaw put into the Microsoft project proved to pay off with the handsome reward he received after his research was completed. An update for Internet Explorer is now available which implements the security precautions instituted because of Forshaw’s findings.

Now that cyber criminals have learned that there is a way to break into Windows products, it is important for users to frequently check for updates and install security features in order to better protect their own computer system.

About Amber Newby

Follow Amber Newby on Google+


Not a member? Become a member (Free)

Forgot Password?