Slashdot Mirror

← Back to Stories (view on slashdot.org)

VeriSign Puts Flaw Bounty on Vista and IE7

Posted by samzenpus on from the bug-money dept.

rchris1172 writes "VeriSign's iDefense Labs has placed an $8,000 bounty on remote code execution holes in Windows Vista and Internet Explorer 7. As part of its its controversial pay-for-flaw VCP (Vulnerability Contributor Program), iDefense said it will pay the reward for each submitted vulnerability that allows an attacker to remotely exploit and execute arbitrary code on either of the two Microsoft products. In addition to the $8,000 award for the flaw, iDefense will pay between $2,000 and $4,000 for working exploit code that exploits the submitted vulnerability."

3 of 91 comments (clear)

  1. Four Steps to Profit by Glacial+Wanderer · · Score: 0, Redundant

    1) Go get a job at Microsoft
    2) Work some of my magic mojo on the next version of Windows
    3) Quit my job at Microsoft
    4) Profit!!!

    --
    Hobby Robotics
  2. Russian Hackers by feld · · Score: 0, Redundant

    In Soviet Russia, vulnerability finds YOU! Seriously though, do you think those underground Russian hackers will haggle with VeriSign? They were selling for a lot more than $8,000!

  3. how much more by koan · · Score: 0, Redundant

    Would you get selling the exploit to some nefarious hoodwinks?
    30K?
    50k?

    --
    "If any question why we died, Tell them because our fathers lied."