Slashdot Mirror

← Back to Stories (view on slashdot.org)

VeriSign Puts Flaw Bounty on Vista and IE7

Posted by samzenpus on from the bug-money dept.

rchris1172 writes "VeriSign's iDefense Labs has placed an $8,000 bounty on remote code execution holes in Windows Vista and Internet Explorer 7. As part of its its controversial pay-for-flaw VCP (Vulnerability Contributor Program), iDefense said it will pay the reward for each submitted vulnerability that allows an attacker to remotely exploit and execute arbitrary code on either of the two Microsoft products. In addition to the $8,000 award for the flaw, iDefense will pay between $2,000 and $4,000 for working exploit code that exploits the submitted vulnerability."

1 of 91 comments (clear)

  1. Re:So Now I Can Legally Attempt To Compromise M$ ? by mackyrae · · Score: 0, Offtopic

    That's been going on for years. There used to be companies offering $10,000 per exploit, so you spend a month furiously finding them, sell them 10-20 bugs, and you're set for the year. Apparently my boyfriend decided to support himself that way for a while O_o

    --
    look! it's a bird, it's a plane, it's....a girl? yes, a girl browsing Slashdot on Linux