BlueHat v13 is Coming

This week, starting Thursday, we’ll be hosting our 13th edition of BlueHat. I’m always so impressed with the level of knowledge we attract to each BlueHat, and while the event is invite-only, we’ll be sharing glimpses into the event via this blog and the hashtag #BlueHat. For each of the past six years I have…

0

Congratulations to James Forshaw Recipient of Our First $100,000 Bounty for New Mitigation Bypass Techniques!

Congratulations to James Forshaw for coming up with a new exploitation technique to get our first ever $100,000 bounty. A security vulnerability researcher with Context Information Security, James already came in hot with design level bugs he found during the IE11 Preview Bug Bounty, and we’re thrilled to give him even more money for helping…

0

Bounty News Update: Bountiful Harvest

Fall is a season traditionally associated with a harvest after planting the seeds and tending the crops. Today I’m proud to announce the names of six very smart people who have helped us make our products more secure by participating in our new bounty programs.  When we launched our bounty programs in June this year, we…

0

MAPP Initiatives Update – Knowledge Exchange Platform

A little more than a month ago, we announced some new initiatives for the Microsoft Active Protections Program (MAPP). One of those announcements was “MAPP for Responders.” The initial response has been extremely positive, so we wanted to provide more information on how we are moving this program forward. Since the announcement, we’ve been working…

0

New MAPP Initiatives

Hi everyone, Some of you may recall the launch of the Microsoft Active Protections Program (MAPP) back in 2008, when we began giving antivirus vendors security bulletin information early, so that they could develop and test signatures for vulnerabilities and be ready to release them when our bulletins were published. MAPP was our answer to…

0

Attention Bounty Hunters – The Ramp Up to Black Hat

We’re three weeks into our new world of bounties for Microsoft products now, and as the clock ticks down on one program, we’re prepping for some live excitement with one of the others. First, the Internet Explorer 11 Preview Bounty is entering its final 10 days; the bounty period for that program closes on the…

0

Filling A Gap In the Vulnerability Market – First Bounty Notification

When Microsoft decided to offer not one but three new bounties, paying outside researchers directly for security research on some of our latest products, we put a lot of thought into developing those bounty programs. We developed a customized set of programs designed to create a win-win between the security researcher community and Microsoft’s customers,…

0

New Bounty Programs – One Week In

Two weeks ago, Microsoft made an important evolutionary step in our work with the security community when we announced our first-ever bounty programs for security issues. One week ago, the Windows 8.1 Preview and Internet Explorer 11 Preview became available for download, and the doors officially opened for bounty-eligible submissions to secure [at] Microsoft [dot]…