Slashdot Mirror

← Back to Stories (view on slashdot.org)

VeriSign Puts Flaw Bounty on Vista and IE7

Posted by samzenpus on from the bug-money dept.

rchris1172 writes "VeriSign's iDefense Labs has placed an $8,000 bounty on remote code execution holes in Windows Vista and Internet Explorer 7. As part of its its controversial pay-for-flaw VCP (Vulnerability Contributor Program), iDefense said it will pay the reward for each submitted vulnerability that allows an attacker to remotely exploit and execute arbitrary code on either of the two Microsoft products. In addition to the $8,000 award for the flaw, iDefense will pay between $2,000 and $4,000 for working exploit code that exploits the submitted vulnerability."

2 of 91 comments (clear)

  1. Re:Four Steps to Profit by __aaclcg7560 · · Score: 4, Informative

    Didn't you read the fine print... current/former Microsoft employees not allowed. Otherwise, every anonymous coward at Microsoft would get the same idea and sabotage Vista/IE7 to collect the reward. Crime isn't supposed to pay if you're non-monopolist!

  2. If you read TFA.. by ganjadude · · Score: 2, Informative

    If you read TFA you would see that they are only offering 6 8K rewards, its not unlimited, you cannot make trillions.

    --
    have you seen my sig? there are many others like it but none that are the same